Take a cloud native app with autoscalling groups and automatically remediate a compromised instance.

What it does

Classifies Security Hub Incidents and maps the fields to an xSOAR instance. Handles instances in an autoscalling group and fetches processes from Systems Manager. Removes compromised instances and has the autoscalling group create new ones.

Built With

  • ec2
  • guardduty
  • lambda
  • python
  • securityhub
Share this project: