Cloud Security Advisor

Using Postman Workspace to develop a suit of API that evaluate your Cloud Security. As with the workspace grows we could provide more security analysis from easy-to-forget to in-depth.

Comment

Inspiration

There are native Cloud security analysis services but the services generate false alarms and does not fit our own standard. I set of customizable API calls that generate our own security reports is needed.

What it does

This workspace can generate security report with Cloud API calls. We focus on AWS at this stage.

How we built it

We uses calls Cloud APIs to retrieve cloud infrastructure information with credentials (preferably access token instead of API keys). The API calls are chained together with JavaScript.

Challenges we ran into

There are so many Cloud service providers to be covered, eg, AWS, GCP, Azure, AliCloud and OpenShift. Also, there are so many improper security set up to be covered.

Accomplishments that we're proud of

The novelty of the idea in Postman Workspace.

What we learned

Postman Workspace, and common security issue on Cloud infrastructure.

What's next for You can change this at any time

Develop a community that could work together to enhance this workspace.

Built With

Share this project:

Updates