Hey everyone! I'm working on a small side project to develop a cloud security tool, and I'd love to get your suggestions. The idea is to create a user-friendly dashboard that scans AWS accounts to identify misconfigurations such as public S3 buckets, overly open security groups, lax IAM policies, privilege escalation threats, missing encryption, and some container security checks down the line. I'll also incorporate attack path visualization, showing the route from Internet to Security Group to EC2 and further down to IAM Role and S3. My aim is to build a practical and helpful tool for security reviews and learning rather than a full-fledged alternative to well-known tools like Prisma Cloud. Currently, it scans resources, creates dashboards, displays severity charts, builds attack path graphs, and allows report exports. I'm looking to add features like scheduled scans, one-click remediation tips, email alerts, and multi-region scanning. What additional features would make this tool really beneficial for you in actual use cases? Any ideas would be greatly appreciated!
7 Answers
Does what you're proposing operate similarly to AWS Trusted Advisor?
With solutions like Prowler, Intruder, and Trusted Advisor out there, this market is already pretty saturated. Maybe consider a different focus?
Have you looked into tools like Prowler or AWS CSPM? They already cover a lot of what you're planning.
I'd be curious to see why you think there's a need for another solution, especially if you're not very experienced with AWS or coding yet. What sets your idea apart?
I'm not willing to rely on AI-generated solutions from a tool that could be half-baked. We should be careful about what we trust in our cloud environments.
Creating yet another tool in a crowded space doesn't seem necessary. I've seen so many people trying to replicate existing solutions, and they often end up being the same. Why not think outside the box?
Most of the issues you're targeting can be mitigated with proper service control policies (SCPs). You might want to rethink your approach based on that.
Yeah, I get it. Seems like developers are just asking AI for ideas and ending up with the same suggestions.