Show HN: ZeusCloud (YC W22) – open-source cloud security
Hey folks - last month, we open sourced ZeusCloud (https://github.com/Zeus-Labs/ZeusCloud) - a platform to identify, prioritize, and remediate security risks in your cloud environment.
ZeusCloud thinks like an attacker. It identifies security risks in your environment like infra misconfigurations, over-permissive identities, and workload vulnerabilities. And it pieces them together to show you attack paths like a publicly exposed VM with a critical CVE has effective admin access.
Some highlights of the ZeusCloud platform: - Graphical attack paths so you can prioritize the risks in your cloud with context - An asset inventory of your compute, networking, and IAM assets to give you further visibility into your AWS environments - An interactive access explorer view that shows you how IAM users/roles can access S3 buckets, EC2 instances, etc. for blast radius analysis
We know other cloud security products exist. But, in our experience, they’re often inaccessible or fail to show you sufficient context behind security findings. The project is still early - we’ve focused so far on infra misconfiguration and identity risks. Looking to add vulnerabilities to the attack paths through tools like Project Discovery (nuclei) and Burpsuite next.
Check out our GitHub (Licensed Apache 2.0): https://github.com/Zeus-Labs/ZeusCloud
Play around with our Sandbox environment: https://demo.zeuscloud.io
Get Started (free/self-hosted): https://docs.zeuscloud.io/introduction/get-started
Would love to hear what you think! Apache 2.0 caught my eye! Great to see open source making cloud security more accessible.