Skip to content



Tool Description
  • Automatically organizes your CloudTrail logs in a format suitable for simple querying with Athena
  • Determine what AWS API calls are logged by CloudTrail and what they are logged as
  • You can also use TrailBlazer as an attack simulation framework
  • CloudTrail based anomaly detection for use in AWS
  • It keeps track of all API actions a principal calls (that are tracked by CloudTrail) for a N day period and alerts on new API calls after the N day period
CloudTrail Insights
  • Identify and Respond to Unusual API Activity


Tool Description
Creds Compromise Detection
  • Detecting Credential Compromise in AWS
Detect Console Actions
  • Detecting Manual AWS Console Actions
  • Setup Cloudtrail alerting rules that let you detect when someone makes a manual change in the AWS Console
AWS Console Recorder
  • Records actions made in the AWS Management Console and outputs the equivalent CLI/SDK commands and CloudFormation/Terraform templates
DLP for S3
  • Simple way to detect cross account exfiltration from S3 buckets
Back to top