Open Source Projects

Scalesec Vault Assistant

Vault assistant is a quick and easy way to install, configure and run Hashicorp Vault. It provides a dock application to start; stop; seal; unseal and other support functions.

ScaleSec Contributors:

• GitHub: david-wunderlich - ScaleSec: Dave Wunderlich
• GitHub: twenny - ScaleSec: Aaron Wilson

Primary language:

• Shell

Additional details

• Read about it on our blog
• View on GitHub

Scalesec Secret Store

Vault Custom Plugin example showing how to create a custom secret store backend. Can be used a framework or starting point to help jumpstart a development effort.

ScaleSec Contributors:

• GitHub: david-wunderlich - ScaleSec: Dave Wunderlich
• GitHub: twenny - ScaleSec: Aaron Wilson

Primary language:

• Shell

Additional details

• Read about it on our blog
• View on GitHub

Scalesec GCP Workload Identity Federation

This repository contains a python module that allows users to access GCP from AWS without the use of static credentials (aka GCP service account keys). This module can be imported into any python script and leveraged to generate an ephemeral GCP service account access token.

ScaleSec Contributors:

• GitHub: jdyke - ScaleSec: Jason Dyke
• GitHub: iloveicedgreentea - ScaleSec: Ilan Ponimansky

Primary language:

• Python

Additional details

• Read about it on our blog
• View on GitHub

Scalesec Project Lockdown

Project Lockdown is a collection of serverless event-driven auto remediation Cloud Functions designed to react to unsecure resource creations or configurations. Project Lockdown is meant to be deployed in a GCP environment and has the capabilities to monitor and remediate across your entire Organization hierarchy in a matter of seconds.

ScaleSec Contributors:

• GitHub: jdyke - ScaleSec: Jason Dyke
• GitHub: iloveicedgreentea - ScaleSec: Ilan Ponimansky

Primary language:

• Python

Additional details

• Read about it on our blog
• View on GitHub

GCP Organization Policy Bot

This is a 100% serverless tool that analyzes GCP Organization Policies for updates and then posts to a Slack channel as well as Twitter via our Twitter bot.

ScaleSec Contributors:

• GitHub: jdyke - ScaleSec: Jason Dyke
• GitHub: aaronrea - ScaleSec: Aaron Rea
• GitHub: iloveicedgreentea - ScaleSec: Ilan Ponimansky

Primary language:

• Python

Additional details

• Read about it on our blog
• View on GitHub

Scalesec Terraform AWS Service Control Policy Suite

This repo is a collection of AWS Service Control Policies (SCPs) written in Hashicorp Terraform to be used in AWS Organizations.

ScaleSec Contributors:

• GitHub: jdyke - ScaleSec: Jason Dyke
• GitHub: cleibl - ScaleSec: Chris Leibl
• GitHub: eric-gonzales - ScaleSec: Eric Evans

Primary language:

• Hashicorp Configuration Language (HCL)

Additional details

• Read about it on our blog
• View on GitHub

GCP Unused Service Account Lister

Crawls your GCP Organization and returns service accounts that have not been used in the past 90 days based on GCP Recommender Service Account Insight findings.

ScaleSec Contributors:

• GitHub: jdyke - ScaleSec: Jason Dyke

Primary language:

• Python

Additional details

• Read about it on our blog
• View on GitHub

GCP API Key Lister

This script will inventory your entire GCP Organization’s API keys and create two files: key_dump.json and keys.csv. You can read the blog related to this repository here.

ScaleSec Contributors:

• GitHub: jdyke - ScaleSec: Jason Dyke
• GitHub: cleibl - ScaleSec: Chris Leibl

Primary language:

• Python

Additional details

• Read about it on our blog
• View on GitHub

GCP Event Threat Detection Remediator

The Terraform module and Cloud Function is used to demonstrate the concepts discussed in this Article. This repo contains all you need to begin automating remediations for Event Threat Detection findings.

ScaleSec Contributors:

• GitHub: jdyke - ScaleSec: Jason Dyke
• GitHub: cleibl - ScaleSec: Chris Leibl

Primary language:

• Python

Additional details

• Read about it on our blog
• View on GitHub