CloudSec Academy

In this article, we’ll discuss typical cloud security pitfalls and how AWS uses CSPM solutions to tackle these complexities and challenges, from real-time compliance tracking to detailed risk assessment.

Open-source software (OSS) software composition analysis (SCA) tools are specialized solutions designed to analyze an application's open-source components and dependencies.

With a CNAPP, your team is empowered to pick and choose solutions that best fit your security capability and cost requirements. This article reviews the best open-source CNAPP tools for 2024.

Chris Champa

October 25, 2024

Open-source software (OSS) incident response (IR) tools are publicly available tools enterprises use to effectively manage and respond to numerous security threats.

Open-source intelligence (OSINT) is a framework that involves gathering, analyzing, and interpreting publicly available data to gain insights into cyber threats, adversarial activities, and attack techniques. OSINT identifies innocuous-seeming information that, if analyzed with an attacker’s mindset, could reveal critical loopholes in an enterprise’s security posture.

Vulnerability scanning is an integral component of every vulnerability management program, providing security teams with insights needed to address vulnerabilities before they become attack vectors. When conducted regularly, vulnerability assessments offer asset discovery and visibility, attack surface management, and compliance enforcement.

Greg Zemlin

September 27, 2024

A threat intel feed, or threat intelligence feed, provides a continuous incoming flow of data related to cyber threats and risks.

Greg Zemlin

September 24, 2024

In this blog post, we’ll shine a light on the top OSS threat intelligence platforms and tools that enterprises can integrate into their security stack.

Ziad Ghalleb

September 20, 2024

The top 14 open-source application security tools—including SCA, secrets scanning, and application security testing tools—to help you streamline the critical process of securing your apps from threats and vulnerabilities.

A guide on the 9 best OSS API security tools that protect sensitive data, infrastructure, and business logic from unauthorized access, data theft, and other attacks.

In this article, we’ll explore the top 9 OSS CSPM tools available today, each with its unique capabilities and benefits for helping organizations identify cloud misconfigurations, prevent security breaches, and ensure compliance with industry standards.

Writing your IR plan from scratch? Not sure where to begin? Get a head start with these free templates and examples.

8 open-source vulnerability management tools and their features, categorized by use case

This blog explores the significance of security in Azure environments and provides an overview of native as well as third-party security tools available to improve an organization’s Azure security stance.

10 native tools for IAM, data protection, network security, threat detection, and compliance management.

We cover the top container security tools across 7 common use cases, including image scanning, compliance, secrets management, and runtime security.

Greg Zemlin

February 29, 2024

Learn how to create your own company incident response policy to prepare and prevent against an attack on your IT systems in this complete guide.

This blog post explores the world of container orchestration tools beyond Kubernetes, highlighting cloud provider tools and open-source alternatives that promise to redefine how we deploy and manage applications.

Shaked Rotlevi

February 16, 2024

We’ll take a deep dive into the MLSecOps tools landscape by reviewing the five foundational areas of MLSecOps, exploring the growing importance of MLSecOps for organizations, and introducing six interesting open-source tools to check out

Explore the security roles your tools should cover, then outline the key tool types to help you build your security workflows.

Read on for a roundup of top open-source tools that are game-changers when it comes to securing your development and operations pipeline.

This article will give you a refresher on code security and review the most popular open-source code security tools available.

Swaroop Sham

December 15, 2023

This article will start with a quick refresher on SBOMs and then list the top SBOM-generation tools available.

Nicolas Ehrman

December 13, 2023

Looking to make the most of containerization while minimizing risk? Container scanning solutions are a critical line of defense that help ensure the safe and secure deployment of applications.

Nicolas Ehrman

October 9, 2023

It’s a good idea to consider a range of Kubernetes security tools. Open source solutions can greatly improve the security of your Kubernetes clusters, so this section explores the top 11 open-source Kubernetes security tools that can help to safeguard your Kubernetes environment.

11 native tools for IAM, data protection, network and application protection, compliance management, and threat detection

Swaroop Sham

August 4, 2023

The best Infrastructure as Code (IaC) tools, curated by use case and categorized into CSP-specific and CSP-neutral providers.