Cloud security engineers are notoriously overworked and under-resourced. This curated list has links to tools, frameworks and resources to make their lives easier.
- Cloud Security Alliance Research
- Datadog Security Labs
- Elastic Security Labs
- Google Project Zero
- Microsoft Security Response Center
- Orca Research Pod
- Rapid7 Research
- Sysdig Threat Research
- Team Nautilus by Aqua Security
- Unit 42 by Palo Alto Networks
- Wiz Cloud Threat Landscape
These are vendors with publicly traded stocks. The links lead to a vendor's website, LinkedIn company page and the stock price on Yahoo! Finance.
- Check Point | LinkedIn | CHKP
- Cisco | LinkedIn | CSCO
- CloudFlare | LinkedIn | NET
- CrowdStrike | LinkedIn | CRWD
- CyberArk | LinkedIn | CYBR
- Datadog | LinkedIn | DDOG
- Fortinet | LinkedIn | FTNT
- Palo Alto Networks | LinkedIn | PANW
- Qualys | LinkedIn | QLYS
- Radware | LinkedIn | RDWR
- SentinelOne | LinkedIn | S
- Tenable | LinkedIn | TENB
- Varonis | LinkedIn | VRNS
- Zscaler | LinkedIn | ZS
Venture-funded companies
- AccuKnox | LinkedIn | Crunchbase
- Aikido | LinkedIn | Crunchbase
- Aqua Security | LinkedIn | Crunchbase
- ARMO | LinkedIn | Crunchbase
- Arnica | LinkedIn | Crunchbase
- Astrix | LinkedIn | Crunchbase
- Avalor | LinkedIn | Crunchbase
- Bright Security | LinkedIn | Crunchbase
- Chainloop | LinkedIn | Crunchbase
- Clutch | LinkedIn | Crunchbase
- Coalfire | LinkedIn | Crunchbase
- Curity | LinkedIn | Crunchbase
- Cyera | LinkedIn | Crunchbase
- Cyscale | LinkedIn | Crunchbase
- Cyware | LinkedIn | Crunchbase
- Darktrace | LinkedIn | Crunchbase
- Deepfence | LinkedIn | Crunchbase
- Deepsource | LinkedIn | Crunchbase
- Eureka Security | LinkedIn | Crunchbase
- Endor Labs | LinkedIn | Crunchbase
- Entro | LinkedIn | Crunchbase
- Gem Security | LinkedIn | Crunchbase
- GitGuardian | LinkedIn | Crunchbase
- Grip Security | LinkedIn | Crunchbase
- Hunters | LinkedIn | Crunchbase
- JupiterOne | LinkedIn | Crunchbase
- Kloudle | LinkedIn | Crunchbase
- Lacework | LinkedIn | Crunchbase
- Lightlytics | LinkedIn | Crunchbase
- Lineaje | LinkedIn | Crunchbase
- Matano | LinkedIn | Crunchbase
- Metomic | LinkedIn | Crunchbase
- Netwrix | LinkedIn | Crunchbase
- Normalyze | LinkedIn | Crunchbase
- Noq | LinkedIn | Crunchbase
- OASIS Security | LinkedIn | Crunchbase
- OpenRaven | Linkedin | Crunchbase
- Orca Security | LinkedIn | Crunchbase
- OpsHelm | LinkedIn | Crunchbase
- Query | LinkedIn | Crunchbase
- Pangea | Linkedin | Crunchbase
- Permiso | LinkedIn | Crunchbase
- PingSafe | LinkedIn | Crunchbase
- Plerion | LinkedIn | Crunchbase
- Prevasio | LinkedIn | Crunchbase
- Rapid7 | Linkedin | Crunchbase
- Runecast | LinkedIn | Crunchbase
- RunReveal | LinkedIn | Crunchbase
- Salt Security | LinkedIn | Crunchbase
- SecureDawn | LinkedIn | Crunchbase
- Seemplicity | LinkedIn | Crunchbase
- Sentra | LinkedIn | Crunchbase
- Scrut Automation | LinkedIn | Crunchbase
- Slauth | LinkedIn | Crunchbase
- Snyk | LinkedIn | Crunchbase
- Sonar | LinkedIn | Crunchbase
- Sonrai Security | LinkedIn | Crunchbase
- Sophos | LinkedIn | Crunchbase
- Soveren | LinkedIn | Crunchbase
- Spyderbat | LinkedIn | Crunchbase
- StrongDM | LinkedIn | Crunchbase
- Sweet Security | Linkedin | Crunchbase
- Tigera | LinkedIn | Crunchbase
- Tines | LinkedIn | Crunchbase
- Torq | LinkedIn | Crunchbase
- Trellix | LinkedIn | Crunchbase
- Twingate | LinkedIn | Crunchbase
- UpGuard | LinkedIn | Crunchbase
- Upwind | LinkedIn | Crunchbase
- Wazuh | LinkedIn | Crunchbase
- Wiz | LinkedIn | Crunchbase
- Accurics | LinkedIn | Crunchbase --> acquired by Tenable
- Bionic | LinkedIn | Crunchbase --> acquired by Crowdstrike
- Bit Discovery | LinkedIn | Crunchbase --> acquired by Tenable
- Cider Security | LinkedIn | Crunchbase --> acquired by Palo Alto Networks
- [Cymptom] | LinkedIn | Crunchbase--> acquired by Tenable
- Dig Security | LinkedIn | Crunchbase --> acquired by Palo Alto Networks
- Ermetic | LinkedIn | Crunchbase --> acquired by Tenable
- Flawcheck | Crunchbase --> acquired by Tenable
- Gem Security | LinkedIn | Crunchbase --> acquired by Wiz
- Isovalent | LinkedIn | Crunchbase --> acquired by Cisco
- Laminar | LinkedIn | Crunchbase --> acquired by Rubrik
- Lightspin | LinkedIn | Crunchbase --> acquired by Cisco
- Mandiant | LinkedIn | Crunchbase --> acquired by Google
- Raftt | LinkedIn | Crunchbase --> acquired by Wiz
- Robust Intelligence | LinkedIn | Crunchbase --> acquired by Cisco
- Sinefa | LinkedIn | Crunchbase --> acquired by Palo Alto Networks
- Spera | LinkedIn | Crunchbase --> acquired by Okta
- Zycada Networks | LinkedIn | Crunchbase --> acquired by Palo Alto Networks
Ordered by date (descending)
- Talon, $825M - Dec 2023
- Dig Security, $350M - Dec 2023
- Zycada Networks, undisclosed - April 2023
- Cider Security, $198M - Dec 2022
- Expanse, $797M - Dec 2020
- Crypsis, $228M - Sept 2020
- Cloudgenix, $403M - April 2020
- Sinefa, $44M - Nov 2020
- Aporeto, $144M - Dec 2019
- Twistlock, $378M - July 2019
- Demisto, $474M - March 2019
- RedLock, $158M - Oct 2018
- Secdo, $83M - April 2018
- Evident.io, $293M - March 2018
- Cyvera, $178M - April 2014
- Bridgecrew, $157M - March 2021
- Aporeto, $144M - Dec 2019
- Lightcyber, $103M - Feb 2017
- Deep Factor - August 2024
- Isovalent - December 2023 blog post
- Oort - July 2023 blog
- Robust Intelligence - August 2024 blog post
includes only security-related acquisitions Ordered by date (descending)
- Sqreen - February 2021 press release
- Seekret - April 2022 press release
- Hdiv Security - May 2022 press release
Ordered by date (descending)
- Ermetic, $265M - Sept 2023
- Bit Discovery, $44.5M - April 2022
- Cymptom, undisclosed - Feb 2022
- Accurics, $160M - Sept 2021
- FlawCheck, undisclosed - Oct 2016
Ordered by date (descending)
- Gem Security, undisclosed - April 2024
- Rafft, undisclosed - December 2023
Native security products offered by the major cloud platforms (AWS, GCP, Azure)
- AWS Shared Responsibility Model
- GCP Shared responsibilities and shared fate on Google Cloud
- Azure Shared Responsibility in the cloud
- DigitalOcean Shared Responsibliity Model
- AWS Cloud Security
- Amazon Detective
- Amazon GuardDuty
- Amazon Security Lake
- AWS Artifact
- AWS Audit Manager
- AWS Config
- AWS Security Hub
- AWS Trusted Advisor
- Altimeter
- AWS Firewall Factory
- BloodHound
- Cartography
- Chainloop
- Checkov
- Cilium
- Cloudbeat
- Cloudquery
- CloudSploit
- DefectDojo
- Falco
- Fix Inventory
- Gapps
- Greenbone OpenVAS Scanner
- KubeArmor
- KubeScape
- Magpie
- Prowler
- S3Scanner
- Sadcloud
- ScoutSuite
- Steampipe
- tfsec
- ThreatMapper
- trivy
- Wazuh
- ZeusCloud
- AI-SPM - AI Security Posture Management
- ASPM - Application Security Posture Management
- CAASM - Cyber Asset Attack Surface Management
- CASB - Cloud Access Security Brokers
- CCO - Corporate Compliance and Oversight
- CDR - Cloud Detection and Response
- CIEM - Cloud Infrastructure Entitlement Management
- CNAPP - Cloud-native Application Protection Platform
- CSPM - Cloud Security Posture Management
- CWPP - Cloud Workload Protection Platform
- CTEM - Continuous Threat Exposure Management
- DSPM - Data Security Posture Management
- EDR - Endpoint Detection and Response
- GRC - Governance, Risk and Compliance
- IGA - Identity Governance Administration
- ITDR - Identity Threat Detection and Response
- KSPM - Kubernetes Security Posture Management
- MDR - Managed Detection and Response
- PAM - Privileged Access Management
- SIEM - Security Information and Event Management
- SOAR - Security Orchestration, Automation and Response
- SOC - Security Operations Center
- XDR - Extended Detection and Response
- XSIAM - Extended Security Intelligence and Automation Management
- Nextdoor CSPM Evaluation Matrix GitHub
- Simple CSPM - GCP CSPM using Google Sheets GitHub
- Prisma Cloud Channel Resource GitHub
- What is eBPF? eBPF Docs
- Building a Security Graph Application on Amazon Neptune GitHub
- CloudSecList by Marco Lancini
- Frankly Speaking by Frank Wang
- Securing the Cloud by Brandon Carroll
- tl;dr sec by Clint Gibler
- Venture in Security by Ross Haleliuk
- Brakeing Down Security
- CISO Tradecraft
- CyberWire Daily
- Darknet Diaries
- Google Cloud Security Podcast
- Hacking Humans
- Malicious Life
- Risky Business
- Security Now
- Smashing Security
- Privacy, Security, & OSINT Show
- Social-Engineer Podcast
- Unsupervised Learning
- CIS Benchmarks List
- CIS AWS Benchmarks
- CIS Google Cloud Computing Platform Benchmarks
- CIS Microsoft Azure Benchmarks
- CIS Oracle Cloud Benchmark
- ISO 27001/27002
- NIST Security and Privacy Controls for Information Systems and Organizations
- NIS 2
- System and Organization Controls (SOC)
- Chaos Communication Congress
- DEF CON
- GrrCon
- Hackers on Planet Earth (HOPE)
- HushCon
- Nullcon
- OWASP
- Security BSides
- ShmooCon
- THOTCON
- ToorCon
- Wild West Hackin' Fest
- AWS re:Invent
- Billington Cybersecurity Summit
- Black Hat
- Cyber Security & Cloud Expo
- Cybersec Europe
- Cybersecurity Summit
- CyberTech Global
- Deutscher IT Security Congress
- fwd:cloudsec
- FS-ISAC Summit
- Gartner Security & Risk Management Summit
- Infosecurity Europe
- Interop Tokyo
- IOT Solutions World Congress
- ISACA North America Conference
- it-sa
- RSA Conference
- SANS Cyber Threat Intelligence Summit
- Sector