Search Results for "cloud security"

Microsoft Defender for Cloud (the community repository) is a centralized collection of programmatic automations, policy definitions, remediation scripts, and visualization workbooks designed to help organizations manage and operationalize Microsoft Defender for Cloud at scale. It packages ready-to-use Azure Policy definitions, Logic App templates, PowerShell automation, remediation actions, and custom workbooks so teams can deploy detections, enforce security posture, and automate responses across subscriptions and tenants. ...

...The repository is organized into focused chapters — for example: Password Spray, Consent Grant, Service Principals in Azure DevOps, Entra Connect Sync Service Account, Replay of Primary Refresh Token (PRT), Entra ID Security Config Analyzer, and Adversary-in-the-Middle — each written to explain the attack, show detection approaches, and recommend mitigation steps. For each scenario the playbook describes the attack flow, maps the techniques to the MITRE ATT&CK framework, and explains how to leverage Microsoft’s security stack (Microsoft Defender XDR, Microsoft Sentinel, Azure Entra ID Connect, and Defender for Cloud) to detect and respond.

ScubaGear is a PowerShell-based assessment tool developed by CISA to verify that Microsoft 365 tenant configuration aligns with Secure Cloud Business Application (SCuBA) baselines. It automates scanning of M365 environments like Exchange, Defender, Teams, and SharePoint, and outputs compliance reports to help administrators align with best practice security configurations.

MicroBurst is a PowerShell toolkit from NetSPI focused on assessing Microsoft Azure security by automating discovery, enumeration, and targeted auditing of cloud services and configurations. It bundles many functions to enumerate Azure resources (subscriptions, VMs, storage accounts, container registries, App Services and more), probe common misconfigurations, and harvest sensitive artifacts when available (for example storage blobs, keys, automation account credentials, and other subscription-level secrets). ...

...The project supplies deployable artifacts (Bicep/ARM/Terraform modules, examples, and documentation) to accelerate consistent deployments across regions and teams while embedding best practices for security, cost management, and operations. It also addresses cross-cutting concerns like monitoring, logging, backup, and role-based access control so tenants don’t rediscover the same integration work each time they stand up a service. For cloud platform teams, Enterprise-Scale reduces design debates and provides a baseline that can be extended to meet vertical or regulatory needs.

TigerSafe is a free open source password manager. It allows to store passwords in a file, without internet, by encrypting them with a single password. The user can then use a different password for every website he wants to use, and only has to remember a single password: the one used to encrypt/decrypt the file storing his passwords. It is highly recommended to do backups of the file storing passwords with TigerSafe, for example copy/paste it in USB flash drives, cloud drives like Google...