Permiso Security has introduced three open-source tools aimed at improving cloud security detection capabilities for organizations managing identity and data risks, according to SiliconAngle.
The first tool, DetentionDodger, scans CloudTrail logs to identify vulnerabilities related to leaked credentials, helping organizations detect policy attachment failures and analyze user privileges that threat actors could exploit. By reviewing inline and attached policies, DetentionDodger helps security teams pinpoint identity-based security risks and quickly act to secure sensitive resources.
The second tool, BucketShield, focuses on Amazon Web Services log monitoring, specifically for S3 buckets and CloudTrail activity. It ensures that logs flow consistently into S3 to prevent misconfigurations, and it monitors critical areas such as identity and access roles, Key Management Service configurations, and S3 log flows. This monitoring supports an audit-ready environment by promptly alerting teams to any log disruptions.
The third release, CAPICHE Detection Framework, simplifies the creation of detection rules for cloud APIs, even when full API names are unknown. By automating rule generation, CAPICHE helps security teams adapt to emerging cloud threats and enhance their detection capabilities without the need for commercial software.