I'm working on a SaaS that will detect publicly shared AWS resources. Not by evaluating policies but by actually testing the availability. Some examples: can a KMS key be used from a 3rd party AWS account, are there any object in an S3 truly exposed publicly, and similar. The motivation is to find truly critical issues in AWS account setup by addressing the first priority items - public exposure.
Another project that is currently only happening in my head - I am thinking about security operations teams that I think often do the same things in different companies. Namely there is a lot of tinkering with detections and alerting, often for the same services. I think this could be cost optimized by being offered as a SaaS.
Another project that is currently only happening in my head - I am thinking about security operations teams that I think often do the same things in different companies. Namely there is a lot of tinkering with detections and alerting, often for the same services. I think this could be cost optimized by being offered as a SaaS.