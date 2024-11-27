This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments.

ScubaGear

ScubaGear is an open-source tool the Cybersecurity and Infrastructure Security Agency (CISA) created to automatically evaluate Microsoft 365 (M365) configurations for potential security gaps. ScubaGear analyzes an organization’s M365 tenant configuration, offering actionable insights and recommendations to help administrators address security gaps and strengthen defenses within their Microsoft 365 environment.

Am I Isolated: Open-source container security benchmark

Am I Isolated is an open-source container security benchmark that probes users’ runtime environments and tests for container isolation. The Rust-based container runtime scanner runs as a container, detecting gaps in users’ container runtime isolation. It also provides guidance to improve users’ runtime environments to offer stronger isolation guarantees.

Osmedeus

Osmedeus is an open-source workflow engine designed for offensive security. It serves as a versatile foundation, enabling users to easily create customized reconnaissance systems and scale them across extensive target lists.

Deploy a SOC using Kali Linux in AWS

The Kali SOC in AWS project is a Terraform-based implementation that enables the deployment of a Security Operations Center (SOC) in AWS, utilizing the Kali Linux toolset for purple team activities. This environment is ideal for honing skills in security operations, threat detection, incident response, and training scenarios.

