This content is open to everyone — sign in to save your progress, earn points, and unlock module exams.
Topic 3.3 of Cloud Security Controls and Frameworks
The five cloud security tool categories and the open-source tools available for each.
By the end of this topic, you will
Quadrant 1 · e-Tutorial
Quadrant 2 · e-Content
Quadrant 3 · Web Resources
Downloadable reference material
External links
Prowler — AWS, GCP, and Azure Security Assessments
Open-source CSPM tool for multi-cloud security assessments against CIS, NIST, and other frameworks.
Prowler — AWS, GCP, and Azure Security Assessments
Open-source CSPM tool for multi-cloud security assessments against CIS, NIST, and other frameworks.
Falco — Cloud-Native Runtime Security
Official Falco documentation for deploying runtime security in Kubernetes and cloud environments.
Falco — Cloud-Native Runtime Security
Official Falco documentation for deploying runtime security in Kubernetes and cloud environments.
Trivy — Comprehensive Vulnerability Scanner
Aqua Security open-source scanner for container images, filesystems, git repos, and Kubernetes.
Trivy — Comprehensive Vulnerability Scanner
Aqua Security open-source scanner for container images, filesystems, git repos, and Kubernetes.
Cloudsplaining — AWS IAM Analysis
Salesforce open-source CIEM tool that identifies least-privilege violations in AWS IAM policies.
Cloudsplaining — AWS IAM Analysis
Salesforce open-source CIEM tool that identifies least-privilege violations in AWS IAM policies.
Quadrant 4 · Self-Assessment
Controls, Standards and Testing
CSA CCM v4, NIST CSF 2.0, ENISA, CSPM, CWPP, CASB, CIEM, CSMV, and cloud penetration testing tools.
Cloud Security: Complete Assessment
Comprehensive 120-question assessment covering all six chapters of the Cloud Security eBook 2026.