Cloud Security Resources

A comprehensive collection of cloud security resources. Filter by category or search for specific tools, labs, and training materials.

CTF Challenges & Vulnerable Environments

See also our dedicated CTFs page with the full Wiz Cloud Security Championship calendar and CTFs grouped by cloud provider.

OWASP EKS Goat

Intentionally vulnerable AWS EKS environment with 20+ attack-defense labs simulating real-world misconfigurations, IAM flaws, and pod breakout paths.

CTF Labs & Training AWS Kubernetes

Kubernetes Goat

Interactive Kubernetes security learning platform with guided workbook for GKE, EKS, AKS, or K3S. Deploy in your own cloud account.

CTF Labs & Training Kubernetes Multi-Cloud

Kubecon NA 2019 CTF

GCP-based CTF with guided workbook covering two attack and defense scenarios plus bonus challenges.

CTF GCP Kubernetes

OWASP Wrong Secrets

Hands-on vulnerable application teaching secrets management anti-patterns and best practices.

CTF Labs & Training Secrets Management

CloudGoat

Deliberately vulnerable AWS deployment tool for learning cloud penetration testing. Create scenarios in your own AWS account.

CTF AWS Labs & Training

Wiz EKS Cluster Games

Vulnerable EKS pod with flag challenges across the environment. Includes a leaderboard and requires registration.

CTF AWS Kubernetes

Wiz Big IAM Challenge

CTF focused on AWS IAM privilege escalation and permission boundaries.

CTF AWS IAM

Wiz K8s LAN Party

Network of misconfigurations and vulnerabilities in a Kubernetes cluster, with a leaderboard.

CTF Kubernetes

Wiz CTF Portal

Central hub for all Wiz CTF challenges and competition. Explore various cloud security challenges with leaderboards and prizes.

CTF Cloud Security Competition

Thunder CTF

GCP-focused CTF challenges covering various cloud security scenarios.

CTF GCP

IAM Vulnerable

AWS IAM privilege escalation playground with 31 different attack paths. Deploy with Terraform.

CTF AWS IAM

CloudFoxable

Deploy vulnerable AWS scenarios using Terraform. Companion to CloudFox enumeration tool.

CTF AWS Labs & Training

BadZure

Deliberately vulnerable Azure infrastructure for testing and learning.

CTF Azure

AIGoat

Deliberately vulnerable AI infrastructure from Orca Research for learning AI security.

CTF AI/ML

CNAPPGoat

Multi-cloud vulnerable environment for testing CNAPP capabilities.

CTF Multi-Cloud

CICDont

Deliberately vulnerable CI/CD environment for learning pipeline security.

CTF CI/CD

Bust a Kube

Vulnerable Kubernetes cluster VMs for a local VMware environment.

CTF Kubernetes

Kube Security Lab

Local Kubernetes security testing environment with 14 vulnerable clusters using Docker, Ansible, and Kind.

CTF Kubernetes Labs & Training

Blue Team Labs

Defensive security scenarios and detection engineering challenges.

Labs & Training Blue Team

flaws.cloud

The classic AWS CTF by Scott Piper. Six progressive challenges covering S3, IAM, and metadata service misconfigurations - hosted live, no AWS account needed.

CTF AWS Free

flaws2.cloud

Sequel to flaws.cloud with both attacker and defender tracks. Practice AWS incident response with CloudTrail and GuardDuty alongside offensive scenarios.

CTF AWS Blue Team Free

TerraGoat

Bridgecrew's vulnerable-by-design Terraform repo with multi-cloud misconfigurations. Ideal target for testing IaC scanners and DevSecOps pipelines.

CTF Multi-Cloud IaC DevSecOps

AWSGoat

INE Labs' modern AWS vulnerable environment with serverless and container attack chains. Terraform-deployable with detailed walkthroughs.

CTF AWS Serverless

AzureGoat

Vulnerable-by-design Azure environment covering Functions, App Services, and Storage misconfigurations with Azure-specific privilege escalation paths.

CTF Azure Privilege Escalation

GCPGoat

Vulnerable-by-design GCP environment covering Cloud Functions, Storage, and IAM misconfigurations. Completes the INE Labs Goat trilogy alongside AWS and Azure.

CTF GCP Privilege Escalation

CICD Goat

Vulnerable CI/CD environment with 11 challenges across Jenkins, GitLab, and GitHub Actions. Maps to the OWASP Top 10 CI/CD Security Risks.

CTF CI/CD Open Source Free

sadcloud

NCC Group's Terraform project that spins up an AWS account full of intentional misconfigurations. Practice target for CSPM tools and detection engineering.

CTF AWS Terraform Open Source

OWASP ServerlessGoat

OWASP's vulnerable AWS Lambda application teaching serverless-specific attacks like event injection and over-privileged functions. Maps to the Serverless Top 10.

CTF AWS Serverless Open Source

CfnGoat

Bridgecrew's vulnerable-by-design CloudFormation templates. Practice target for IaC scanners like Checkov - learn to write and validate custom policies.

CTF AWS IaC Open Source

CDKGoat

Bridgecrew's intentionally insecure AWS CDK project. Helps CDK developers see what IaC scanners catch in synthesized CloudFormation before they ship.

CTF AWS IaC Open Source

GOAD - Game of Active Directory

Pre-built vulnerable Active Directory lab with misconfigured trusts, Kerberos abuse paths, and AD CS flaws. The standard environment for learning hybrid identity attacks.

CTF Labs & Training Active Directory Open Source

TerraformGoat

Vulnerable multi-cloud Terraform modules covering AWS, GCP, Azure, and Alibaba Cloud misconfigurations. Self-contained scenarios you can apply, exploit, and destroy.

CTF Multi-Cloud IaC Open Source

PurpleCloud

Terraform-driven Entra ID attack/defense lab. Provisions vulnerable tenants and hybrid joins with Microsoft Sentinel logging pre-wired for purple-team exercises.

CTF Azure Active Directory Open Source

Hacking the Cloud

Open-source encyclopedia of cloud offensive tradecraft for AWS, Azure, GCP, and Kubernetes. Maps techniques to working PoC commands with research citations.

CTF Multi-Cloud Free Open Source

Vulhub

Pre-built Docker Compose environments reproducing hundreds of real CVEs. Spin up Log4Shell, Spring4Shell, and container escapes in seconds for hands-on practice.

CTF Containers Free Open Source

picoCTF

Carnegie Mellon CyLab's free CTF platform with archived problems and a self-paced picoGym. A common on-ramp before tackling cloud-specific challenges.

CTF Free Beginner

CTFtime

Central calendar and rating site for CTF competitions worldwide, with writeup archives, team rankings, and links to active events.

CTF Free Community

OverTheWire Wargames

SSH-based wargames teaching shell, networking, and crypto fundamentals. Bandit is the standard on-ramp before cloud and container CTFs.

CTF Free Beginner

VulnHub

Archive of downloadable vulnerable VMs for boot2root, web, and Active Directory practice. Runs offline in VirtualBox - no cloud credits required.

CTF Labs & Training Free

flAWS Challenge

Scott Piper's classic six-level AWS CTF teaching real-world S3, IAM, and Lambda misconfigurations. Free, no registration, no AWS account required.

CTF AWS Free Beginner

flAWS 2

Sequel to flAWS with parallel attacker and defender tracks across ECS, IAM chaining, and CloudTrail forensics.

CTF AWS Free Blue Team

Hacker101 CTF

HackerOne's free browser-based CTF covering web, API, and auth challenges. Captured flags can unlock private bug bounty invites.

CTF Free Web Security Bug Bounty

OWASP Juice Shop

Intentionally vulnerable web app covering the OWASP Top 10 and modern issues like JWT flaws and SSRF. Built-in scoreboard and CTF export for team events.

CTF Labs & Training Web Security Open Source

PortSwigger Web Security Academy

Free interactive labs on XSS, SSRF, deserialization, OAuth flaws, and more from the Burp Suite team. Browser-based with no setup.

CTF Labs & Training Web Security Free

Google CTF

Public archive of Google's annual CTF challenges with source, build steps, and official writeups. Spans web, crypto, pwn, RE, and cloud scenarios.

CTF Free Open Source

pwn.college

ASU's free university-grade security training with hundreds of dojos spanning Linux internals, assembly, reverse engineering, and exploitation.

CTF Free Beginner

CryptoHack

Progressive cryptography challenges covering symmetric, asymmetric, ECC, and protocol-level flaws. Browser-based and free.

CTF Cryptography Free

Root Me

600+ free challenges across web, crypto, forensics, network, and full-environment scenarios. A self-paced complement to OSCP-style pentest training.

CTF Free Web Security
240+ links, vendor-neutral, no affiliate codes - curated by the community for the community. - what this catalog is and isn’t

Hands-On Labs & Training Platforms

Hack The Box BlackSky

Cloud security specialist labs for AWS, Azure, and GCP with realistic enterprise infrastructure. Earn Cloud Security Specialist certifications.

Labs & Training Certification Multi-Cloud

Cybr Free AWS Labs

Free 1-click deploy hands-on AWS security labs for building practical skills risk-free.

Labs & Training AWS Free

Digital Cloud Training Challenge Labs

1000+ scenario-based labs for AWS and Azure with automatic validation, scoring, and multiple difficulty levels.

Labs & Training AWS Azure

AWS Well-Architected Security Labs

Hands-on labs and documentation for building secure workloads using AWS Well-Architected Framework.

Labs & Training AWS

Awesome CloudSec Labs

Curated collection of free cloud native security learning labs including CTF, workshops, and research labs.

Labs & Training Multi-Cloud

Immersive Labs

Cyber drills, labs, and reporting mapped to MITRE ATT&CK, NICE, and NIST frameworks for measuring team readiness.

Labs & Training Platform

SecureFlag GCP Labs

Hands-on GCP security training covering IAM, network security, encryption, and API security.

Labs & Training GCP

Pwned Labs

Premium Azure and AWS security labs with assume-breach scenarios and professional certifications.

Labs & Training AWS Azure

TryHackMe

Gamified cybersecurity training with cloud security learning paths and 800+ labs.

Labs & Training Multi-Cloud

A Cloud Guru

Comprehensive cloud training platform with AWS, Azure, and GCP security courses.

Training Multi-Cloud

CBT Nuggets

IT training platform with cloud security certification prep courses.

Training Certification

Udemy Courses

Wide selection of cloud security courses from various instructors.

Training Multi-Cloud

Amazon EKS Workshop

Hands-on workshop for learning Amazon EKS including security best practices.

Labs & Training AWS Kubernetes

The Homelab Almanac

Comprehensive guide for building your own security home lab with infrastructure-as-code examples and practical setups.

Labs & Training Infrastructure Guide

Cybersecurity Expert Roadmap

Structured learning path for cloud security expertise with recommended skills, tools, and resources for different career levels.

Labs & Training Roadmap Career

SLAW: Security Lab a Week

Hands-on cloud security labs from Securosis with 15-30 minute exercises focusing on practical cloud security scenarios.

Labs & Training Cloud Security Hands-on

Microsoft Learn - Azure Security

Free official Microsoft training with browser-based sandboxes for hands-on Azure security practice. Maps directly to AZ-500 and SC-100 certification paths.

Labs & Training Azure Free

Google Cloud Skills Boost - Security

Hands-on GCP security learning path with temporary cloud environments provided. Covers IAM, VPC Service Controls, and Security Command Center.

Labs & Training GCP Cloud Security

AttackIQ Academy

Free training on threat-informed defense, MITRE ATT&CK, purple teaming, and adversary emulation. CPE credits awarded for completion.

Labs & Training MITRE ATT&CK Free

Antisyphon Training

Pay-what-you-can security training from John Strand and Black Hills InfoSec. Live virtual classes with practitioner instructors and active Discord support.

Labs & Training Pay-What-You-Can Live Training

Hack The Box Academy

Structured courses with integrated labs and job-role paths. Earn industry-recognized certifications like CBBH and CPTS through hands-on practice.

Labs & Training Pentesting Career Paths

AWS Skill Builder

AWS's official training portal with free courses, security learning plans, and sandboxed hands-on labs. Curated by AWS engineers and aligned to certification objectives.

Labs & Training AWS Free

Killercoda

Browser-based interactive Kubernetes and cloud-native scenarios from the CKS simulator team. Free, no signup for most labs - popular for CKS exam prep.

Labs & Training Kubernetes Free

AWS Workshops Catalog

Official self-paced workshops by AWS architects covering IAM, GuardDuty, Security Hub, Detective, and incident response with deploy scripts and walkthroughs.

Labs & Training AWS Free

Google Cloud Skills Boost

Google's official labs platform (formerly Qwiklabs) with self-paced GCP environments. Security paths cover IAM, VPC Service Controls, BeyondCorp, and PCSE cert prep.

Labs & Training GCP Certification

Cloud Resume Challenge

Forrest Brazeal's project-based challenge spanning IaC, CI/CD, serverless, and identity. Builds a real portfolio piece that exercises end-to-end cloud security thinking.

Labs & Training Multi-Cloud Free

DetectionLab

Chris Long's curated Windows detection-engineering lab with AD, ELK, Velociraptor, and Splunk pre-wired. The reference project for tuning Sigma rules and tracing attacks.

Labs & Training Blue Team Open Source Free

RangeForce Community Edition

Browser-based hands-on training with cloud, container, and SOC modules. Free community tier runs in sandboxed environments with no setup.

Labs & Training Free Blue Team

CyberDefenders

Blue-team labs covering DFIR, incident response, and cloud log analysis. Free tier covers most challenges; paid tier adds structured career paths.

Labs & Training Blue Team DFIR Free

Iximiuz Labs

Free interactive Linux, container, and Kubernetes labs by Ivan Velichko. Each lab gives you a real terminal environment with guided exercises.

Labs & Training Kubernetes Free

KodeKloud

Browser-based labs and courses for Kubernetes, Docker, Terraform, and DevSecOps. Popular CKA/CKAD/CKS prep with hands-on exam-style practice tests.

Labs & Training Kubernetes DevSecOps

AWS Cloud Quest

AWS's free 3D role-playing game that teaches services through guided quests, including a Security path covering IAM, GuardDuty, KMS, and incident response.

Labs & Training AWS Free

Google Cybersecurity Certificate

Google's eight-course Coursera certificate covering frameworks, networks, Linux/SQL, Python automation, and incident response. Free to audit, paid for the credential.

Labs & Training Beginner GCP

Isovalent Labs

Free hosted labs covering Cilium, eBPF, Kubernetes network policy, and Tetragon runtime security. Runs in a sandbox - no cluster required.

Labs & Training Kubernetes Free

HashiCorp Developer Tutorials

Official HashiCorp tutorials for Terraform, Vault, Consul, and Boundary - including secrets rotation, dynamic credentials, and policy-as-code.

Labs & Training Free Multi-Cloud

SANS Cyber Aces Online

Free foundational SANS tutorials covering operating systems, networking, and system administration - the baseline before any paid GIAC track.

Labs & Training Free Beginner

Snyk Learn

Free interactive lessons on appsec, IaC, container, and supply chain security with browser-based exploit-then-patch sandboxes.

Labs & Training Free AppSec Supply Chain

TCM Security Academy

Affordable practical pentesting and Active Directory courses from The Cyber Mentor. Pairs with the PNPT certification.

Labs & Training Pentest Beginner

INE

Hands-on labs and learning paths across cloud, security, and networking. Home of the eJPT and eCPPT pentest certifications.

Labs & Training Multi-Cloud Pentest

AppSecEngineer

Hands-on cloud-native and DevSecOps training spanning AWS, Azure, GCP, Kubernetes, and secure coding. Browser-based labs aligned to security engineer roles.

Labs & Training Multi-Cloud AppSec DevSecOps

OpenSecurityTraining2

Free university-grade courses on x86/ARM internals, reverse engineering, and vulnerability research. Rounds out the depth missing from cloud-only curricula.

Labs & Training Free Open Source

Practical DevSecOps

Browser-lab training and certifications for CI/CD security, container and Kubernetes hardening, IaC scanning, and SBOM workflows.

Labs & Training DevSecOps Kubernetes CI/CD

edX Cybersecurity

University-led cybersecurity courses from MIT, Harvard, Berkeley, and IBM. Free to audit; paid for verified certificates and graded labs.

Labs & Training Beginner Free

Cloud Academy

Subscription multi-cloud training with sandboxed AWS, Azure, and GCP labs plus structured security learning paths and skill assessments.

Labs & Training Multi-Cloud DevSecOps

Codecademy Cybersecurity Path

Interactive in-browser learning path covering security fundamentals, network security, OWASP Top 10, and basic offensive techniques. Beginner-friendly with no setup.

Labs & Training Beginner Free

Security Tools & Platforms

AccuKnox CNAPP

Zero Trust CNAPP with integrated CSPM, CWPP, KSPM, ASPM. Features runtime protection via KubeArmor with eBPF/LSM and inline mitigation.

CNAPP Open Source

Wiz CNAPP

Agentless CNAPP with security graph technology for visualizing attack paths across AWS, Azure, GCP, OCI, and Alibaba Cloud.

CNAPP Multi-Cloud

Sysdig Secure

CNAPP leveraging open-source Sysdig and Falco for deep runtime threat detection with eBPF monitoring.

CNAPP Open Source

Orca Security

Agentless CNAPP with side-scanning technology and attack path analysis showing real-world exploitation scenarios.

CNAPP Agentless

Aikido Security

Unified code-to-cloud platform combining CSPM, CWPP, SAST, SCA. Traces issues from runtime back to IaC source code.

CNAPP DevSecOps

Fidelis Security Halo

CNAPP with patented 2MB microagent technology for Windows/Linux with self-installing capabilities.

CNAPP

Shodan

Search engine for Internet-connected devices. Essential for cloud asset discovery and reconnaissance.

Recon Threat Intel

ZoomEye

Cyberspace search engine for discovering exposed services and devices.

Recon Threat Intel

Censys

Internet scanning and attack surface management platform.

Recon Attack Surface

LeakIX

Search engine for exposed data and misconfigurations.

Recon Data Leaks

DNSDumpster

DNS reconnaissance and research tool for discovering domain assets.

Recon DNS

Security Trails

DNS and domain intelligence for attack surface discovery.

Recon DNS

grep.app

Search across 500K+ GitHub repositories for code, credentials, and configurations.

Code Search Secrets

Dorksearch

Google dork search tool for finding exposed information.

Recon OSINT

Packet Storm

Information security news, files, and exploits database.

Research Exploits

Exploit-DB

Archive of public exploits and vulnerable software.

Research Exploits

CloudVulnDB

Open-source database of cloud security vulnerabilities.

Research Vulnerabilities

isotope¹³ Supply-Chain Attack Compendium

Research database of supply-chain attacks from 1975 to 2026, indexed by year, vector, and payload insertion point.

Research Supply Chain

OWASP

Open Web Application Security Project with cloud security resources.

Framework Research

Cloud Katana

Cloud adversary emulation tool for testing detection capabilities.

Red Team Azure

ScoutSuite

Multi-cloud security auditing tool for AWS, Azure, GCP, and more.

CSPM Multi-Cloud Open Source

ReARM

ReARM - Release-Level Supply Chain Evidence Platform. ReARM stores and manages SBOMs, xBOMs, SAST / DAST scan results, Attestations, and other Security Artifacts.

DevSecOps Vulnerability Testing Compliance Tool Open Source

Saner CNAPP

Revolutionary CNAPP integrating CSPM, CIEM, CWPP with AI-driven monitoring and automated remediation.

CNAPP AI

Datadog Cloud Security

Real-time threat detection with compliance automation for DevSecOps workflows.

CSPM Monitoring DevSecOps

FortiCNAPP (formerly Lacework)

AI-powered CNAPP with ML anomaly detection and automated threat response. Formerly Lacework Polygraph.

CNAPP AI CNAPP

SentinelOne Cloud

AI-powered threat detection for cloud workloads with runtime protection.

CWPP AI CWPP

Check Point CloudGuard

Unified security across applications, networks, and workloads with AI-driven threat prevention.

CNAPP CNAPP Enterprise

CrowdStrike Falcon Cloud

Identity-centric cloud security with continuous monitoring and least-privilege enforcement.

CNAPP Identity CIEM

Palo Alto Prisma Cloud

Comprehensive CNAPP with end-to-end security from code to cloud.

CNAPP CNAPP Enterprise

Prowler

Leading open-source multi-cloud security assessment tool. 500+ checks across AWS, Azure, GCP, and Kubernetes mapped to CIS, PCI-DSS, and HIPAA.

Tool Multi-Cloud Compliance Open Source

Steampipe

Query cloud APIs with SQL. 140+ plugins for AWS, Azure, GCP, Kubernetes, and SaaS - ideal for asset inventory and ad-hoc security investigations.

Tool Multi-Cloud Open Source

Checkov

Open-source IaC scanner for Terraform, CloudFormation, Kubernetes, Helm, and Dockerfiles. 1,000+ built-in policies and custom Python or YAML rules.

Tool IaC DevSecOps Open Source

Trivy

Aqua's all-in-one open-source scanner. CVEs, misconfigurations, secrets, and SBOMs across containers, IaC, and Kubernetes - the de facto standard for image scanning.

Tool Container Security SBOM Open Source

Kubescape

CNCF-hosted Kubernetes security platform. Scans clusters and IaC against NSA-CISA, MITRE ATT&CK, and CIS Kubernetes frameworks with remediation guidance.

Tool Kubernetes CNCF Open Source

Falco

CNCF graduated runtime security engine using eBPF to detect anomalous container, host, and Kubernetes activity. The reference project behind many CNAPP runtime modules.

Tool Runtime Security CNCF Open Source

CloudFox

Bishop Fox's offensive cloud enumeration CLI. Surfaces AWS and Azure attack paths, exposed services, IAM trust relationships, and secrets in user data.

Tool AWS Offensive Security Open Source

gitleaks

Fast open-source secret scanner for git history, commits, and files. Runs locally, in pre-commit hooks, or as a GitHub Action to catch credentials before they ship.

Tool Secrets Detection Open Source

Pacu

Rhino Security Labs' open-source AWS exploitation framework. 80+ modules for enumeration, privilege escalation, and persistence - the standard tool for offensive cloud testing.

Tool AWS Offensive Security Open Source

Cloud Custodian

Capital One's open-source policy-as-code engine for AWS, Azure, and GCP. Write YAML rules that detect and auto-remediate misconfigurations across cloud estates.

Tool Multi-Cloud Policy as Code Open Source

Stratus Red Team

Datadog's open-source cloud attack emulation framework mapped to MITRE ATT&CK. Detonates safe attack scenarios across AWS, Azure, GCP, and K8s to validate detections.

Tool Multi-Cloud Detection Engineering Open Source

Cilium

CNCF graduated eBPF networking and security platform for Kubernetes. Provides L3-L7 network policies, transparent encryption, and Hubble flow observability.

Tool Kubernetes Open Source

Open Policy Agent (OPA)

CNCF graduated policy engine using the Rego language. Unified policy-as-code across Kubernetes admission, Terraform, Envoy, and microservice APIs.

Tool Policy as Code Kubernetes Open Source

Semgrep

Lightweight SAST tool with pattern-matching rules covering secrets, insecure SDK usage, and IaC misconfigurations. Free CLI and OSS rules; commercial tier adds a platform.

Tool DevSecOps Open Source

Kyverno

CNCF Kubernetes policy engine using YAML rules. Validates, mutates, and generates resources at admission and audits existing clusters - no dedicated policy language.

Tool Kubernetes CNCF Open Source

Sigstore

OpenSSF keyless signing for container images and SBOMs via short-lived OIDC certs and a transparency log. Adopted by Kubernetes, npm, PyPI, and major registries.

Tool Supply Chain Open Source

TruffleHog

Open-source secret scanner that verifies leaked credentials by calling the upstream API, across git, S3, Docker, Slack, Jira, and more. Cuts false-positive triage sharply.

Tool Secrets Management DevSecOps Open Source

OpenSSF Scorecard

OpenSSF tool that scores repos on branch protection, signed releases, dependency hygiene, and known vulnerabilities. Used to set minimum bars on open-source dependencies.

Tool Supply Chain DevSecOps Open Source

KICS by Checkmarx

Open-source IaC scanner with 2,400+ queries for Terraform, CloudFormation, Kubernetes, Helm, Docker, and Ansible. Built for fast CI gates.

Tool DevSecOps Open Source

Grype

Open-source vulnerability scanner for container images and filesystems from Anchore. Pulls NVD, GHSA, and distro feeds; pairs with Syft for SBOMs.

Tool Supply Chain Open Source

CISA ScubaGear

ScubaGear is an assessment tool that verifies that a Microsoft 365 tenant's configuration conforms to the policies described in the SCuBA Secure Configuration Baseline documents, covering Entra ID, Exchange, Teams, SharePoint, OneDrive, Defender, and Power Platform.

Azure Tool Vulnerability Testing Cloud Scanning Compliance Free Open Source

Syft

Open-source SBOM generator for container images and filesystems. Outputs SPDX and CycloneDX; pairs with Grype for downstream scanning.

Tool Supply Chain SBOM Open Source

CloudQuery

Open-source cloud asset inventory that syncs config from AWS, Azure, GCP, and Kubernetes into SQL for plain-query posture checks.

Tool Multi-Cloud CSPM Open Source

OWASP ZAP

Flagship open-source DAST proxy for active scanning, fuzzing, and intercepting web app traffic. Ships with CI automation and a REST API.

Tool AppSec DAST Open Source

OSV-Scanner

Google's open-source scanner backed by OSV.dev. Runs against lockfiles, SBOMs, and container images across npm, PyPI, Go, Maven, and Linux distros.

Tool SCA Open Source CI/CD

MITRE Caldera

Open-source adversary emulation platform built on ATT&CK. Scripts multi-stage attack chains for detection benchmarking and purple-team exercises.

Tool Red Team Purple Team Open Source

kube-bench

Open-source CIS Kubernetes Benchmark checker from Aqua Security. Runs as a Job with specific checks for EKS, GKE, AKS, and RKE clusters.

Tool Kubernetes Compliance Open Source

Nuclei

ProjectDiscovery's fast template-driven vulnerability scanner. Thousands of YAML templates for CVEs, misconfigurations, and exposed panels - the de facto OSS scanner.

Tool Open Source DevSecOps

BloodHound Community Edition

SpecterOps' attack-path graph for Active Directory and Entra ID. Surfaces hybrid identity chains from on-prem AD into Azure cloud roles.

Tool Active Directory Azure Open Source

CISA ScubaGoggles

CISA's automated assessment for Google Workspace against the SCuBA baselines - the Workspace counterpart to ScubaGear. Outputs an HTML report of findings.

Tool GCP Compliance Open Source

Certifications & Professional Development

CKS Certification

Certified Kubernetes Security Specialist from CNCF. Hands-on certification proving command-line proficiency in securing production K8s workloads.

Certification Kubernetes Labs & Training

Pwned Labs Professional Bootcamps

Cloud attack & defense bootcamps for AWS (ACRTP), Azure/M365 (MCRTP), and GCP (GCRTP) with professional certifications.

Certification Labs & Training Multi-Cloud

CSA Cloud Threat Modeling

Training on top 11 cloud threats, threat modeling techniques, and risk treatment methods.

Training Threat Modeling

AWS Certified Cloud Practitioner

Foundational AWS certification covering cloud concepts and basic security.

Certification AWS Beginner

AWS Solutions Architect Associate (SAA-C03)

Associate-level AWS certification with security design principles.

Certification AWS

AWS Solutions Architect Professional

Professional-level AWS certification including advanced security architectures.

Certification AWS Advanced

Security Certification Roadmap

Comprehensive visual guide to cybersecurity certifications and career paths.

Career Path Guide

ISC2 CCSP 2025

Updated Certified Cloud Security Professional with new domains: zero trust, DevSecOps, cloud-native security.

Certification ISC2 Advanced

CKS: Kubernetes Security

Certified Kubernetes Security Specialist with hands-on labs for cluster and system hardening.

Certification Kubernetes Hands-on

CSA CCSK v5

Updated Certificate of Cloud Security Knowledge v5 covering latest cloud security domains.

Certification CSA CCSK

GIAC GCSA & GCLD

Cloud Security Automation (GCSA) and Cloud Data (GCLD) focusing on automation and data security.

Certification GIAC Automation

CompTIA Cloud+ 2025

Updated Cloud+ covering cloud security implementation across hybrid environments.

Certification CompTIA Entry-Level

Security Blue Team

Blue team certification platform providing hands-on training and credentials for defensive security practitioners.

Certification Blue Team Hands-on

WiCyS Mentorship Program

Structured annual mentorship program pairing members with experienced cybersecurity professionals for leadership development, career guidance, and networking.

Mentorship Career Development Community

ISACA Mentorship Program

Global one-to-one mentorship program for professionals at all career stages in IT audit, cybersecurity, and governance. Mentors and mentees earn CPE hours.

Mentorship Professional Network Career Development

Cyversity

Nonprofit offering structured mentorship pairing new and established cybersecurity professionals for personalized career guidance, skills development, and networking.

Mentorship Community Career Development

CyberSecurity Mentoring Hub

Global mentor/mentee program with presentation sessions, networking events, and curated resources for cybersecurity career development.

Mentorship Networking Community

MentorCruise - Cybersecurity

One-on-one mentoring marketplace with vetted cybersecurity professionals offering long-term mentorship on cloud security, pentesting, and career strategy.

Mentorship Career Development Professional Network

ISSA International

Global nonprofit with local chapters providing educational forums, publications, peer networking, and chapter-level mentorship for security professionals.

Networking Professional Network Mentorship

Cloud Security Alliance Community

Leading cloud security organization with 80,000+ members, local chapter events, research working groups, and an exclusive online networking community.

Networking Community Professional Network

Lateral Connect Mentoring

Group mentorship program where small cohorts work under seasoned cybersecurity professionals, fostering collaborative learning and hands-on experience.

Mentorship Career Development Community

Blacks In Cybersecurity

Mentoring program helping mentees develop technical skills, define career goals, and build their professional brand in cybersecurity.

Mentorship Community Career Development

MassCyberCenter Mentorship

State-sponsored program connecting diverse undergraduate students with cybersecurity industry professionals for career exploration and network development.

Mentorship Networking Career Development

OWASP Community

Nonprofit with 250+ local chapters hosting meetups, workshops, and conferences for application security networking and community-driven knowledge sharing.

Community Networking Professional Network

See Yourself in Cyber

National Cybersecurity Alliance initiative helping students launch security careers through campus events, workshops, scholarships, and mentorship connections.

Mentorship Career Development Community

InfraGard

FBI-private sector partnership with local chapters for cybersecurity and critical infrastructure professionals to share intelligence and build professional relationships.

Networking Professional Network Community

Leland - Cybersecurity Mentors

Mentoring platform connecting users with top-rated cybersecurity mentors for one-on-one coaching on career transitions, certifications, and professional development.

Mentorship Career Development Professional Network

The Triangle Net

Cybersecurity community connecting aspiring and junior security professionals with mentorship opportunities, internships, and career resources.

Mentorship Career Development Networking

AWS Certified Security - Specialty (SCS-C03)

AWS's flagship security cert covering threat detection, IAM, infrastructure security, data protection, and incident response. Strong signal for senior AWS security roles.

Certification AWS Specialty

Microsoft AZ-500: Azure Security Engineer Associate

Microsoft's flagship Azure security cert covering identity, platform protection, security operations, and data security. A natural stepping stone to SC-100.

Certification Azure Associate

Google Professional Cloud Security Engineer

Google's premier security cert covering IAM, VPC Service Controls, Cloud KMS, and Security Command Center. Practical, implementation-focused exam content.

Certification GCP Professional

Microsoft SC-100: Cybersecurity Architect Expert

Microsoft's expert-level certification for security architects. Covers Zero Trust, GRC, and end-to-end design across Microsoft 365 and Azure.

Certification Azure Expert Zero Trust

CompTIA Security+ (SY0-701)

The most widely-recognized entry-level security cert. Vendor-neutral, DoD 8570 approved, and often the first step on a cloud security career path.

Certification Entry Level Vendor Neutral

ISC2 CISSP

ISC2's flagship certification and the most-requested credential in senior security job postings. Eight domains spanning architecture, IAM, and risk management.

Certification Vendor Neutral Expert

Microsoft SC-200: Security Operations Analyst

Microsoft's associate-level SOC certification covering Sentinel, Defender XDR, and KQL hunting. A natural next step after AZ-500 for blue teamers.

Certification Azure SOC Blue Team

CompTIA CySA+ (CS0-003)

Vendor-neutral mid-level cert for SOC analysts and threat hunters. DoD 8570 approved and focused on detection, vulnerability management, and incident response.

Certification Vendor Neutral Blue Team

KCSA - Kubernetes & Cloud Native Security Associate

CNCF's entry-level K8s security cert. Multiple-choice exam covering cloud-native threat model, platform security, and compliance - a stepping stone to CKS.

Certification Kubernetes CNCF

OSCP (PEN-200)

OffSec's flagship hands-on pentesting cert. 24-hour practical exam covering AD, web, and privilege escalation - the most recognized credential for offensive engineers.

Certification Offensive Security Hands-On

GIAC GPCS - Public Cloud Security

GIAC's vendor-neutral cloud security cert spanning AWS, Azure, and M365. Pairs with SANS SEC510 - a strong choice for multi-cloud practitioners wanting breadth.

Certification Multi-Cloud Vendor Neutral

GIAC GCPN - Cloud Penetration Tester

GIAC's offensive cloud security cert paired with SANS SEC588. Covers cloud-native enumeration, container escapes, serverless abuse, and CI/CD pipeline attacks.

Certification Multi-Cloud Offensive Security

CSA CCZT - Certificate of Competence in Zero Trust

CSA's vendor-neutral Zero Trust credential covering NIST SP 800-207, CISA's ZT Maturity Model, and Forrester ZTX. Self-paced study materials included with the exam.

Certification Zero Trust Vendor Neutral

HashiCorp Vault Associate

Entry-level certification covering Vault deployment, secrets engines, authentication, and policies. Signals practical competence with the leading cloud-native secrets platform.

Certification Secrets Management

HashiCorp Terraform Associate

Associate cert covering Terraform basics, state, providers, and modules. Signals fluency with the dominant IaC tool behind landing zones and policy-as-code pipelines.

Certification IaC DevSecOps

CKA - Certified Kubernetes Administrator

Two-hour hands-on exam operating a real cluster - troubleshooting, networking, storage, workloads. The operational prerequisite for CKS and the foundation for K8s security work.

Certification Kubernetes CNCF

ISACA CCAK - Cloud Auditing Knowledge

ISACA/CSA joint credential for auditing cloud controls against CCM, STAR, ISO 27001, and NIST. Pairs naturally with CCSK for GRC and audit-focused roles.

Certification GRC Compliance

(ISC)² Certified in Cybersecurity (CC)

(ISC)²'s entry-level cert covering security principles, access control, networking, and ops. Free exam and training through the One Million initiative.

Certification Beginner Free

CompTIA PenTest+

Performance-based pentest cert covering cloud, on-prem, and IoT targets. DoD 8140/8570 approved; sits between Security+ and OSCP.

Certification Pentest

Microsoft SC-300 - Identity and Access Administrator

Microsoft cert focused on Entra ID identity design - conditional access, governance, hybrid, and external identities. Pairs with AZ-500.

Certification Azure Identity

ISC2 SSCP

Systems Security Certified Practitioner - the operations-focused counterpart to CISSP for hands-on engineers implementing controls.

Certification Operations

GIAC GCIH

GIAC Certified Incident Handler from SANS - industry-standard credential for detection, containment, and recovery work.

Certification Incident Response Blue Team

Linux Foundation KCNA

Entry-level CNCF cert covering core Kubernetes concepts, cloud-native architecture, and observability. The friendly on-ramp before CKA or CKS.

Certification Kubernetes Beginner

TCM PNPT

Practical Network Penetration Tester - a five-day hands-on AD compromise exam with report and live debrief. Accessible alternative to OSCP.

Certification Pentest Hands-On

OffSec OSWE

Advanced Web Attacks and Exploitation - a 48-hour white-box source-review exam focused on authentication-bypass chain development.

Certification AppSec Web Security

GIAC GSEC

Foundational SANS credential covering networking, crypto, incident handling, and cloud fundamentals. Vendor-neutral on-ramp before GCSA or GPCS.

Certification Foundational Blue Team

ISACA CISM

Management-focused cert covering security governance, risk, program development, and incident response. Common requirement for security manager, director, and CISO roles.

Certification Management GRC

GIAC GCFR - Cloud Forensics Responder

SANS FOR509-paired credential for cloud DFIR in AWS, Azure, and M365. Tests CloudTrail analysis, identity-based persistence, and SaaS attacker reconstruction.

Certification Multi-Cloud Blue Team DFIR

ISACA CRISC

Certified in Risk and Information Systems Control - IT risk identification, assessment, response, and control monitoring. Widely recognized in GRC and audit roles.

Certification GRC Risk Management

AI Security & LLM Protection


Tumeryk

Cloud security testing and attack simulation platform. Tests cloud infrastructure for security vulnerabilities through automated attacks and provides AI-powered recommendations.

Cloud Testing Vulnerability Testing

Lakera Guard

Real-time LLM security platform detecting prompt injection, jailbreak attempts, and unsafe behavior with <50ms latency. Industry-leading protection backed by millions of attack data points.

Tool AI Security Real-time

NVIDIA Garak

Open-source LLM vulnerability scanner probing for hallucination, data leakage, prompt injection, toxicity, and jailbreaks. The nmap of AI security.

Tool Open Source Scanner

LLM Guard

Open-source security toolkit with advanced input/output scanners for data leakage prevention, prompt injection detection, and content moderation. 2.5M+ downloads.

Tool Open Source Popular

Rebuff AI

Multi-layered prompt injection detection using heuristics, LLM-based detection, and canary tokens to identify and mitigate vulnerabilities.

Tool Prompt Injection Detection

CalypsoAI Moderator

Model-agnostic enterprise LLM security solution providing real-time scanning, alerts, and comprehensive risk identification at scale.

Tool Enterprise Real-time

NeMo Guardrails

NVIDIA's Python toolkit for adding programmable guardrails to LLM conversational applications, ensuring responsible and ethical AI use.

Tool NVIDIA Guardrails

Guardrails AI

Python package for specifying structure, type validation, and correcting LLM outputs with pre-built measures for various risks.

Tool Python Validation

Giskard AI Security

Automated LLM security testing with heuristics-based and LLM-assisted detectors for domain-specific vulnerabilities in AI applications.

Tool Automated Testing

LLMFuzzer

Open-source fuzzing framework for LLMs focusing on API integrations with diverse fuzzing strategies to identify vulnerabilities.

Tool Fuzzing API

Pynt LLM Security

Dynamic analysis and traffic inspection for LLM APIs, identifying prompt injection pathways and insecure output handling.

Tool API Security Dynamic

BurpGPT

Burp Suite extension integrating LLMs for AI-enhanced web security testing with vulnerability scanning and traffic analysis.

Tool Burp Suite Testing

Lasso Security

End-to-end LLM security solution protecting against external threats and internal vulnerabilities with comprehensive threat modeling.

Tool Enterprise Comprehensive

WhyLabs LLM Security

Multi-layered approach to LLM security with data loss prevention, prompt injection monitoring, and misinformation detection.

Tool DLP Monitoring

Protecto AI

High-precision LLM security evaluation with Privacy Vault for data encryption, anonymization, and secure model deployment.

Tool Privacy Encryption

Vigil

Alpha-stage prompt-level security scanner for high-volume environments requiring prompt validation without infrastructure overhaul.

Tool Alpha High-Volume

OpenAI Aardvark

Agentic security researcher monitoring commits for vulnerabilities using LLM-powered reasoning to identify, explain, and fix security issues.

Tool OpenAI Agentic

Microsoft PyRIT

Python Risk Identification Toolkit for red-teaming LLMs with structured approaches to adversarial testing.

Tool Microsoft Red Team

Constitutional AI

Anthropic's framework for AI safety through constitutional principles, enabling models to self-correct and maintain alignment.

Tool Anthropic AI Safety

Alert AI Gateway

Zero-Trust AI Security Gateway with automatic vulnerability scanning across the full development lifecycle.

Tool Gateway Zero Trust

DeepEval

LLM evaluation and guardrails framework with LLM-as-judge for data leakage, prompt injection, jailbreaking, bias, and toxicity detection.

Tool Evaluation Open Source

Nexos.ai Platform

Unified AI governance platform with AI Gateway, AI Workspace, guardrails, and LLM observability for enterprise security.

Tool Governance Enterprise

Granica AI Crunch

AI data platform optimizing training data pipelines with security, privacy, and compliance controls for LLM development.

Tool Data Pipeline Privacy

Mindgard AI

AI security posture management (AI-SPM) for continuous threat monitoring, risk scoring, and automated remediation.

Tool AI-SPM Monitoring

DeepStrike AI Pentesting

AI-specific penetration testing services simulating adversarial attacks, model inversion, and memory poisoning.

Tool Pentesting Adversarial

Hugging Face Model Cards

Standardized model documentation framework for transparency, security evaluation, and risk assessment of AI models.

Tool Documentation Standards

OWASP Top 10 for LLMs 2025

Definitive list of top 10 LLM security vulnerabilities including prompt injection, data poisoning, and excessive agency. Updated for 2025 with new threats.

OWASP Top 10 Essential

OWASP Agentic AI Top 10 2026

Groundbreaking framework for autonomous AI systems released at Black Hat Europe 2025, covering agentic manipulation and tool poisoning.

OWASP Agentic AI 2026

Prompt Injection Guide

Comprehensive OWASP guide to prompt injection, ranked the #1 AI security risk, covering direct and indirect attacks and mitigation strategies.

OWASP Prompt Injection #1 Risk

CSA Guardrails Guide

Cloud Security Alliance's in-depth guide on building enterprise AI prompt guardrails with DLP integration, multilayered security, and compliance frameworks.

CSA Guardrails Enterprise

Bypassing LLM Guardrails Research

Academic research demonstrating character injection and AML evasion attacks achieving 100% bypass rates against commercial guardrails.

Research Academic Evasion

Wiz Research Blog

Wiz Research posts covering cloud security incidents, vulnerability analysis, and threat research write-ups.

Wiz Research Cloud Security

LLM Security Guide

Comprehensive GitHub reference for securing LLMs covering OWASP Top 10, prompt injection, adversarial attacks, and mitigation strategies.

GitHub Comprehensive Guide

Datadog Guardrails Best Practices

Technical guide on implementing guardrails for LLM security covering input validation, prompt construction, and output filtering.

Best Practices Technical Datadog

Lakera Prompt Injection Guide

Tactical guide to understanding, recognizing, and preventing prompt injection attacks with real-world examples and defense strategies.

Prompt Injection Tactical Defense

Obsidian: Prompt Injection #1

Analysis of prompt injection as the #1 AI exploit in 2025, appearing in 73% of production deployments, with enterprise mitigation strategies.

Enterprise Statistics #1 Exploit

Confident AI: Ultimate Guardrails Guide

Complete guide to LLM guardrails using LLM-as-judge for data leakage, prompt injection, jailbreaking, and bias detection.

Guide Implementation Technical

Invicti: OWASP LLM Analysis

Business impact analysis of OWASP Top 10 LLM risks with technical testing methods and defense strategies.

Business Impact Testing OWASP

Qualys: OWASP 2025 Updates

Analysis of key changes in OWASP Top 10 for LLMs 2025 including RAG vulnerabilities and vector/embedding weaknesses.

OWASP Updates Analysis

EvidentlyAI: OWASP Testing

Practical guide to testing Gen AI apps against OWASP Top 10 with risk assessment, adversarial testing, and implementation strategies.

Testing Practical OWASP

Strobes: Mitigation Playbook

Comprehensive mitigation playbook for OWASP Top 10 LLM risks with technical controls and governance frameworks.

Mitigation Playbook Technical

Nexos.ai: Top 10 LLM Tools

Comparative analysis of top LLM security tools in 2025 based on feature depth, enterprise fit, and industry coverage.

Tools Comparison 2025 Analysis

Lakera: Top 12 LLM Tools

Curated list of paid and free LLM security tools including vulnerability scanners, guardrails, and testing frameworks.

Tools List Curated Comparison

Pynt: Essential LLM Tools

Essential LLM security tools covering prompt injection detection, data leakage prevention, and automated security testing.

Tools Guide Essential Implementation

Protecto: Best LLM Tools 2025

Comprehensive review of best LLM security tools for testing, monitoring, and compliance with implementation guidance.

Review Comprehensive 2025

Obsidian: AI Pentesting Tools

Specialized AI pentesting tools for uncovering LLM vulnerabilities including prompt injection, model inversion, and memory poisoning.

Pentesting Tools Specialized

Mindgard: Guardrail Evasion

Research on evading AI guardrails using invisible characters, achieving 100% evasion success against major vendors.

Research Evasion Guardrails

MDPI: Prompt Injection Review

Comprehensive academic review of prompt injection attacks from 2023-2025, analyzing 45 sources, with the PALADIN defense framework.

Academic Review Comprehensive

DeepStrike: OWASP Deep Dive

Deep dive into OWASP Top 10 LLM vulnerabilities with real attack scenarios, business impact analysis, and remediation strategies.

OWASP Deep Dive Scenarios

AccuKnox: Monitoring Tools 2025

Top 7 cloud security monitoring tools in 2025 offering real-time threat detection, runtime protection, and compliance automation.

Monitoring Tools 2025

TechTarget: CNAPP vs CSPM

Technical comparison of CNAPP and CSPM tools explaining when to use each, with decision frameworks for cloud maturity stages.

Comparison CNAPP CSPM

MD5 Decrypt

Hash lookup and decryption tool for identifying compromised credentials and checking password security.

Security Tools Hash Lookup Free

CyberSources

Curated GitHub repository with comprehensive list of cybersecurity resources, tools, and learning materials.

GitHub Curated Reference

Terminal Trove

Directory of terminal and CLI tools for SRE, DevOps, and system administration with security-focused utilities.

CLI Tools DevOps Directory

Schneier on Security

Bruce Schneier's influential security blog covering latest security news, vulnerabilities, and expert analysis.

Blog Reference News

NIST AI Risk Management Framework (AI RMF)

NIST's voluntary AI risk framework built around Govern, Map, Measure, and Manage. The reference standard for AI governance programs.

AI Security Framework Governance NIST

MITRE ATLAS

MITRE's ATT&CK-style knowledge base of adversarial ML tactics and real-world case studies. Required reference for AI red teaming and threat modeling.

AI Security Adversarial ML Threat Modeling

Google Secure AI Framework (SAIF)

Google's six-element AI security framework with a self-assessment tool and risk map. Practical guidance distilled from Google's production AI experience.

AI Security Framework Google

AVID - AI Vulnerability Database

Community-curated database of AI vulnerabilities and failure modes. Searchable by model, vendor, and risk category - mapped to NIST AI RMF and OWASP LLM Top 10.

AI Security Vulnerability DB Reference

Microsoft Counterfit

Microsoft's open-source Metasploit-style framework for AI red teaming. Wraps ART, TextAttack, and Augly behind a unified CLI for cross-model testing.

AI Security Red Team Open Source

Promptfoo

Open-source LLM testing CLI with red-team plugins for prompt injection, PII leakage, and OWASP LLM Top 10 risks. Integrates with CI/CD for regression catching.

AI Security Red Team Open Source

AI Incident Database

Community-curated repository of real-world AI failures and harms maintained by the Responsible AI Collaborative. Tagged by system, harm type, and source reporting.

AI Security Reference Free

Adversarial Robustness Toolbox (ART)

LF AI-hosted Python library of evasion, poisoning, extraction, and inference attacks against ML models. Originally from IBM Research - the reference adversarial ML toolkit.

AI Security Adversarial ML Open Source

OWASP AI Security & Privacy Guide

OWASP's full-lifecycle guide for securing AI systems. Maps threats to controls drawn from ISO 5338, NIST AI RMF, and the EU AI Act - companion to the OWASP LLM Top 10.

AI Security OWASP Reference Free

Lakera Gandalf

Free interactive prompt-injection game with progressively stronger guardrails. The most accessible on-ramp for security teams new to LLM red-teaming.

AI Security Red Team Free

OWASP ML Security Top 10

OWASP's top-10 for classical ML systems - distinct from the LLM Top 10. Covers input manipulation, data poisoning, model inversion, and supply-chain attacks.

AI Security OWASP Reference Free

OWASP AI Security Verification Standard (AISVS)

OWASP's structured, testable security requirements catalog for AI/ML systems, modeled after ASVS. Covers controls across the full model lifecycle.

AI Security OWASP Reference Free

MIT AI Risk Repository

MIT FutureTech's catalog of 700+ documented AI risks distilled from 40+ academic taxonomies. A reference for governance teams and red-team scenario design.

AI Security Reference Free

Awesome LLM Security

Community-curated index of LLM security papers, tools, CTFs, and prompt injection techniques. The fastest single stop for tracking a fast-moving field.

AI Security Reference Open Source Free

NCSC Secure AI System Development Guidelines

Joint NCSC/CISA international guidance covering secure design, development, deployment, and operation of AI systems. The most widely endorsed government baseline today.

AI Security Government Framework Free

CSA AI Controls Matrix (AICM)

CSA's vendor-neutral controls framework for generative AI, mapped to NIST AI RMF, ISO/IEC 42001, and the EU AI Act. Free PDF spanning 18 AI-specific domains.

AI Security Framework Compliance Free

HiddenLayer

AI security platform for detecting model theft, inference attacks, and adversarial inputs against deployed ML models. Free Model Scanner inspects artifacts for malicious payloads.

AI Security MLSecOps Adversarial

OWASP AI Exchange

Open OWASP framework cataloging AI threats and controls mapped to ISO 27090, the EU AI Act, NIST AI RMF, and the OWASP LLM Top 10.

AI Security Framework Free

Meta Purple Llama

Meta's open AI safety toolkit - Llama Guard classifiers, CyberSecEval benchmarks, and Code Shield. Designed to wrap any LLM, not just Llama.

AI Security Open Source Guardrails

ModelScan by Protect AI

Open-source scanner for malicious code in pickle, PyTorch, TensorFlow, and Keras model files. Essential before loading models from Hugging Face.

AI Security MLSecOps Open Source

NIST AI Safety Institute

US government body at NIST advancing AI safety measurement, frontier model evaluation, and red-teaming methodology.

AI Security Government Free

CISA AI Security

CISA's hub for AI cybersecurity guidance - secure-by-design principles, joint NCSC guidelines, and incident reporting.

AI Security Government Framework

Adversa AI

AI red team and research firm publishing adversarial attack analyses for LLMs, vision, and biometrics. Maintains a public AI threat intel portal.

AI Security Red Team Research

DEF CON AI Village

Community hub for AI security research, workshops, and the Generative Red Team challenges that have shaped industry methodology.

AI Security Red Team Community Free

Microsoft Responsible AI

Microsoft's RAI Standard, Azure transparency notes, and the open-source Responsible AI Toolbox for fairness and error analysis.

AI Security Azure Framework

BIML

Berryville Institute of Machine Learning - independent architectural risk analysis of ML systems and rigorous threat modeling of ML pipelines.

AI Security Research Threat Modeling

UK AI Safety Institute

UK government body publishing pre-deployment evaluations of frontier AI systems for cyber capability, autonomy, and societal risk. Counterpart to the US NIST AISI.

AI Security Government Free

Inspect AI

Open-source AI evaluation framework from the UK AISI for systematic safety and capability testing of LLMs. Used for frontier model assessments.

AI Security Open Source Evaluation

AI Verify Foundation

Singapore-backed open-source foundation publishing AI Verify and Project Moonshot - testing and red-teaming toolkits aligned to OECD AI Principles and NIST AI RMF.

AI Security Framework Open Source