Skip to content

Visibility & Enforcement


Tool Description


Tool Description
Cloud Custodian
  • Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
  • Custodian can be used to manage AWS, Azure, and GCP environments by ensuring real time compliance to security policies (like encryption and access requirements), tag policies, and cost management via garbage collection of unused resources and off-hours resource management
Cloudkeeper Standalone CLI tool that periodically collects a list of resources in cloud accounts (AWS, GCP, Azure), provides metrics about them, and can clean them up
ForsetiSecurity Rule-based policies to systematically monitor GCP resources
project_lockdown Collection of automated remediation Cloud Functions that react to high risk events in real time
Back to top