Security News > 2021 > April > Cloud Sniper: Manage and automate cloud security operations
Cloud Sniper is an open-source platform for managing cloud security operations that aims to make it easy for cloud teams to deal with security incidents.
"One of our main goals is end-to-end automation of security incident lifecycles. Cloud Sniper performs automatic actions from deployment via Terraform to findings management," Nicolás Rivero Corvalán, one of the tool's creators, told Help Net Security.
Cloud Sniper is the creation of Corvalán, Matías Marenchino, Santiago Friquet and Luciano Carranza Berra, a multidisciplinary team from the field of security, DevOps and ML, "With a 100% cloud mentality."
Later, extra modules were added to run security tabletop exercise and collect information from cloud environments to feedback into the platform's automations.
"Cloud Sniper is a detection-as-code platform, which uses Python as the main programming language. Due to Python's popularity, it is easy to understand and extend our code, adapting it to specific needs. We use infrastructure as code and integrate to cloud resources natively so that detection can be automated end-to-end," Corvalán explained.
"Cloud Lusat provides internal threat intelligence feeds, inventory, and compliance data collection. The goal is to get more indicators of compromise, integrated with the Cloud Sniper orchestrator, and perform automatic remediation actions. We are currently working on an integration with Kubernetes and Falco, as our goal is to integrate with any open source project that provides more visibility to mitigate incidents in cloud environments."
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/2Uo1_rf8PD0/
Related news
- How AI Is Changing the Cloud Security and Risk Equation (source)
- Strategies for CISOs navigating hybrid and multi-cloud security (source)
- AWS unveils cloud security IR service for a mere $7K a month (source)
- Are Long-Lived Credentials the New Achilles’ Heel for Cloud Security? (source)
- Best CSPM Tools 2025: Top Cloud Security Solutions Compared (source)
- CrowdStrike vs Wiz: Which Offers Better Cloud Security and Value? (source)
- CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01 (source)
- Enhancing visibility for better security in multi-cloud and hybrid environments (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)