This repository contains hands-on AWS cloud security projects
Description: A comprehensive project simulating a real-world attack (public S3 exposure) and building a detection and response pipeline using native AWS services.
Key Features:
- S3 Bucket misconfiguration (simulated attack)
- AWS CloudTrail & AWS Config setup
- AWS GuardDuty threat detection
- EventBridge rules to detect GuardDuty findings
- SNS email alerts to notify on threats
- Architecture diagram & screenshots included
📁 Folder: project1_aws_security_monitoring
Description: This project demonstrates deploying a simple application inside a VPC, and then performing a Cloud Security Posture Management (CSPM) scan using Prowler to detect misconfigurations and compliance violations.
Key Features:
- Manual creation of VPC, subnets, route tables, and security groups
- Deployment of EC2 instance with NGINX web server
- CSPM scan using open-source tool Prowler
- Python-based Prowler execution and report generation (HTML, JSON)
📁 Folder: project2_aws_vpc_cspm_prowler
- Explore each project folder
- Open the respective
README.mdfile - Review architecture diagram (in
/docs) - View screenshots for step-by-step actions (in
/screenshots)
Kallol Das
- LinkedIn Profile
- AWS Security Certified | CCSK | SAP Basis Expert
This repository is licensed under the MIT License.