Visibility & Enforcement
Visibility¶
| Tool | Description |
|---|---|
| GCP Resource Manager | Hierarchically manage resources by project, folder, and organization |
| cartography |
|
| starbase |
|
| domain-protect-gcp | Prevent subdomain takeover |
Enforcement¶
| Tool | Description |
|---|---|
| Cloud Custodian |
|
| Cloudkeeper | Standalone CLI tool that periodically collects a list of resources in cloud accounts (AWS, GCP, Azure), provides metrics about them, and can clean them up |
| ForsetiSecurity | Rule-based policies to systematically monitor GCP resources |
| project_lockdown | Collection of automated remediation Cloud Functions that react to high risk events in real time |