Awesome DevOpsSec

This repository stores various AWS and K8s security resources

Resources

Blogs

• AWS 보안 점검 및 보안 설정 가이드
• CloudNet@ Blog
• MR.ZERO

Documents

• AWS Foundational Security Best Practices (FSBP) standard
• AWS Cloud Security Checklist
• K8s Security Checklist
• Kubernetes Hardening Guide
• Securing a K8s Cluster
• EKS Best Practices Guides

Articles

• Detailed Analysis of CloudDon, Cloud Data Breach of Korea e-commerce company
• How I was able to access millions of ID cards on an e-commerce platform
• K8s Standard Architecture(2024)

Workshops

• Amazon EKS Workshops
• AWS Well Architected Labs - Security
• AWS Security Workshops

Conferences

• AWS Security and Risk Management Forum 2023
• Kubernetes Security Best Practices

Challenges

• CloudGoat
• S3 Game
• The Big IAM Challenge
• Kubernetes Goat

Trannings

• AWS Certified Security Specialty
• Certified Kubernetes Security Specialist

Tools

AWS

• CloudSploit - Cloud Security Posture Management(CSPM)
• prowler - Security Vulnerability Scanner
• check_imds - IMDSv1 Scanner
• my-arsenal-of-aws-security-tools - List of open source tools for AWS security

K8s

• Trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes
• kube-bench - Checks whether Kubernetes is deployed according to CIS Kubernetes Benchmark
• kube-hunter - Hunt for security weaknesses in Kubernetes clusters
• managed-kubernetes-auditing-toolkit - identifying common security issues in EKS
• Kubescape - Kubernetes security platform for your clusters, CI/CD pipelines, and IDE
• Falco - Cloud Native Runtime Security
• Clair - Vulnerability Static Analysis for Containers