Cloud Sniper: Manage and automate cloud security operations
2021-04-22 05:55

Cloud Sniper is an open-source platform for managing cloud security operations that aims to make it easy for cloud teams to deal with security incidents.

"One of our main goals is end-to-end automation of security incident lifecycles. Cloud Sniper performs automatic actions from deployment via Terraform to findings management," Nicolás Rivero Corvalán, one of the tool's creators, told Help Net Security.

Cloud Sniper is the creation of Corvalán, Matías Marenchino, Santiago Friquet and Luciano Carranza Berra, a multidisciplinary team from the fields of security, DevOps and ML "with a 100% cloud mentality."

Later, extra modules were added to run security tabletop exercises and to collect information from cloud environments that feeds back into the platform's automations.

"Cloud Sniper is a detection-as-code platform, which uses Python as the main programming language. Due to Python's popularity, it is easy to understand and extend our code, adapting it to specific needs. We use infrastructure as code and integrate to cloud resources natively so that detection can be automated end-to-end," Corvalán explained.

"Cloud Lusat provides internal threat intelligence feeds, inventory, and compliance data collection. The goal is to get more indicators of compromise, integrated with the Cloud Sniper orchestrator, and perform automatic remediation actions. We are currently working on an integration with Kubernetes and Falco, as our goal is to integrate with any open source project that provides more visibility to mitigate incidents in cloud environments."


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/2Uo1_rf8PD0/