Magpie
Magpie is an open-source Cloud Security Posture Management tool or CSPM that allows organizations to discover and assess their AWS and GCP infrastructure against industry best practices and community developed security rules. Free-up your budget with a professionally developed and maintained, modern, extensible, scalable and free alternative to commercial, closed-source legacy CSPMs.
Features
Asset / Service Discovery
The discovery framework enumerates all AWS and GCP services and their attributes, persisting them to PostgreSQL or outputting them as JSON for further processing. Easily extended to discover other environments.
Learn moreDMAP
A client that runs as a serverless function (Lambda in AWS) and runs a decision tree from data obtained from the server to determine the type of non-native application running on an EC2 instance.
Learn moreSecurity Policy and Rules Engine
An engine that runs policy and rule evaluations written in SQL and Python over the output from the Asset / Service Discovery framework. Ships with default security rules covering all of the AWS Security Fundamentals, AWS CIS Security Benchmarks and a policy of ransomware checks.
