Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).

Azure Guardrails

Azure Guardrails allows you to rapidly cherry-pick hundreds of security guardrails in Azure.


A static analysis tool for Infrastructure as Code (IAC) such as Terraform and CloudFormation. I contributed the underlying logic behind the AWS IAM Security scanning rules.


An AWS Pentesting tool that lets you use one-liner commands to share AWS account's resources with a rogue AWS account - or to the entire internet.


An AWS IAM Security Assessment tool that identifies violations of least privilege & creates a risk-prioritized report.

Policy Sentry

Generate Secure IAM Policies Automagically