Cloud security engineers are notoriously overworked and under-resourced. This curated list has links to tools, frameworks and resources to make their lives easier.

Threat Research

• Cloud Security Alliance Research
• Datadog Security Labs
• Elastic Security Labs
• Google Project Zero
• Microsoft Security Response Center
• Orca Research Pod
• Rapid7 Research
• Sysdig Threat Research
• Team Nautilus by Aqua Security
• Unit 42 by Palo Alto Networks
• Wiz Cloud Threat Landscape

Security Vendors

Publicly listed vendors

These are vendors with publicly traded stocks. The links lead to a vendor's website, LinkedIn company page and the stock price on Yahoo! Finance.

• Check Point | LinkedIn | CHKP
• Cisco | LinkedIn | CSCO
• CloudFlare | LinkedIn | NET
• CrowdStrike | LinkedIn | CRWD
• CyberArk | LinkedIn | CYBR
• Datadog | LinkedIn | DDOG
• Fortinet | LinkedIn | FTNT
• Palo Alto Networks | LinkedIn | PANW
• Qualys | LinkedIn | QLYS
• Radware | LinkedIn | RDWR
• SentinelOne | LinkedIn | S
• Tenable | LinkedIn | TENB
• Varonis | LinkedIn | VRNS
• Zscaler | LinkedIn | ZS

Formerly listed

• HashiCorp | LinkedIn | HCP
• Splunk | LinkedIn | SPLK

Private Vendors

Venture-funded companies

• AccuKnox | LinkedIn | Crunchbase
• Aikido | LinkedIn | Crunchbase
• Aqua Security | LinkedIn | Crunchbase
• ARMO | LinkedIn | Crunchbase
• Arnica | LinkedIn | Crunchbase
• Astrix | LinkedIn | Crunchbase
• Avalor | LinkedIn | Crunchbase
• Bright Security | LinkedIn | Crunchbase
• Chainloop | LinkedIn | Crunchbase
• Clutch | LinkedIn | Crunchbase
• Coalfire | LinkedIn | Crunchbase
• Curity | LinkedIn | Crunchbase
• Cyera | LinkedIn | Crunchbase
• Cyscale | LinkedIn | Crunchbase
• Cyware | LinkedIn | Crunchbase
• Darktrace | LinkedIn | Crunchbase
• Deepfence | LinkedIn | Crunchbase
• Deepsource | LinkedIn | Crunchbase
• Eureka Security | LinkedIn | Crunchbase
• Endor Labs | LinkedIn | Crunchbase
• Entro | LinkedIn | Crunchbase
• Gem Security | LinkedIn | Crunchbase
• GitGuardian | LinkedIn | Crunchbase
• Grip Security | LinkedIn | Crunchbase
• Hunters | LinkedIn | Crunchbase
• JupiterOne | LinkedIn | Crunchbase
• Kloudle | LinkedIn | Crunchbase
• Lacework | LinkedIn | Crunchbase
• Lightlytics | LinkedIn | Crunchbase
• Lineaje | LinkedIn | Crunchbase
• Matano | LinkedIn | Crunchbase
• Metomic | LinkedIn | Crunchbase
• Netwrix | LinkedIn | Crunchbase
• Normalyze | LinkedIn | Crunchbase
• Noq | LinkedIn | Crunchbase
• OASIS Security | LinkedIn | Crunchbase
• OpenRaven | Linkedin | Crunchbase
• Orca Security | LinkedIn | Crunchbase
• OpsHelm | LinkedIn | Crunchbase
• Query | LinkedIn | Crunchbase
• Pangea | Linkedin | Crunchbase
• Permiso | LinkedIn | Crunchbase
• PingSafe | LinkedIn | Crunchbase
• Plerion | LinkedIn | Crunchbase
• Prevasio | LinkedIn | Crunchbase
• Rapid7 | Linkedin | Crunchbase
• Runecast | LinkedIn | Crunchbase
• RunReveal | LinkedIn | Crunchbase
• Salt Security | LinkedIn | Crunchbase
• SecureDawn | LinkedIn | Crunchbase
• Seemplicity | LinkedIn | Crunchbase
• Sentra | LinkedIn | Crunchbase
• Scrut Automation | LinkedIn | Crunchbase
• Slauth | LinkedIn | Crunchbase
• Snyk | LinkedIn | Crunchbase
• Sonar | LinkedIn | Crunchbase
• Sonrai Security | LinkedIn | Crunchbase
• Sophos | LinkedIn | Crunchbase
• Soveren | LinkedIn | Crunchbase
• Spyderbat | LinkedIn | Crunchbase
• StrongDM | LinkedIn | Crunchbase
• Sweet Security | Linkedin | Crunchbase
• Tigera | LinkedIn | Crunchbase
• Tines | LinkedIn | Crunchbase
• Torq | LinkedIn | Crunchbase
• Trellix | LinkedIn | Crunchbase
• Twingate | LinkedIn | Crunchbase
• UpGuard | LinkedIn | Crunchbase
• Upwind | LinkedIn | Crunchbase
• Wazuh | LinkedIn | Crunchbase
• Wiz | LinkedIn | Crunchbase

Acquisitions

• Accurics | LinkedIn | Crunchbase --> acquired by Tenable
• Bionic | LinkedIn | Crunchbase --> acquired by Crowdstrike
• Bit Discovery | LinkedIn | Crunchbase --> acquired by Tenable
• Cider Security | LinkedIn | Crunchbase --> acquired by Palo Alto Networks
• [Cymptom] | LinkedIn | Crunchbase--> acquired by Tenable
• Dig Security | LinkedIn | Crunchbase --> acquired by Palo Alto Networks
• Ermetic | LinkedIn | Crunchbase --> acquired by Tenable
• Flawcheck | Crunchbase --> acquired by Tenable
• Gem Security | LinkedIn | Crunchbase --> acquired by Wiz
• Isovalent | LinkedIn | Crunchbase --> acquired by Cisco
• Laminar | LinkedIn | Crunchbase --> acquired by Rubrik
• Lightspin | LinkedIn | Crunchbase --> acquired by Cisco
• Mandiant | LinkedIn | Crunchbase --> acquired by Google
• Raftt | LinkedIn | Crunchbase --> acquired by Wiz
• Robust Intelligence | LinkedIn | Crunchbase --> acquired by Cisco
• Sinefa | LinkedIn | Crunchbase --> acquired by Palo Alto Networks
• Spera | LinkedIn | Crunchbase --> acquired by Okta
• Zycada Networks | LinkedIn | Crunchbase --> acquired by Palo Alto Networks

Acquisitions by Vendor

Palo Alto Networks

Ordered by date (descending)

• Talon, $825M - Dec 2023
• Dig Security, $350M - Dec 2023
• Zycada Networks, undisclosed - April 2023
• Cider Security, $198M - Dec 2022
• Expanse, $797M - Dec 2020
• Crypsis, $228M - Sept 2020
• Cloudgenix, $403M - April 2020
• Sinefa, $44M - Nov 2020
• Aporeto, $144M - Dec 2019
• Twistlock, $378M - July 2019
• Demisto, $474M - March 2019
• RedLock, $158M - Oct 2018
• Secdo, $83M - April 2018
• Evident.io, $293M - March 2018
• Cyvera, $178M - April 2014
• Bridgecrew, $157M - March 2021
• Aporeto, $144M - Dec 2019
• Lightcyber, $103M - Feb 2017

Cisco

• Deep Factor - August 2024
• Isovalent - December 2023 blog post
• Oort - July 2023 blog
• Robust Intelligence - August 2024 blog post

Datadog

includes only security-related acquisitions Ordered by date (descending)

• Sqreen - February 2021 press release
• Seekret - April 2022 press release
• Hdiv Security - May 2022 press release

Tenable

Ordered by date (descending)

• Ermetic, $265M - Sept 2023
• Bit Discovery, $44.5M - April 2022
• Cymptom, undisclosed - Feb 2022
• Accurics, $160M - Sept 2021
• FlawCheck, undisclosed - Oct 2016

Wiz

Ordered by date (descending)

• Gem Security, undisclosed - April 2024
• Rafft, undisclosed - December 2023

Managed Service Providers

• Red Canary | LinkedIn | Crunchbase

Cloud Platforms

Native security products offered by the major cloud platforms (AWS, GCP, Azure)

• AWS Shared Responsibility Model
• GCP Shared responsibilities and shared fate on Google Cloud
• Azure Shared Responsibility in the cloud
• DigitalOcean Shared Responsibliity Model

GCP

• Chronicle Security Operations
• Chronicle SOAR
• Chronicle SIEM

AWS

• AWS Cloud Security
• Amazon Detective
• Amazon GuardDuty
• Amazon Security Lake
• AWS Artifact
• AWS Audit Manager
• AWS Config
• AWS Security Hub
• AWS Trusted Advisor

Azure / Microsoft

• Azure Security
• Azure Policy
• Microsoft Compliance
• Microsoft Defender for Cloud
• Microsoft Sentinel

Open Source Projects

• Altimeter
• AWS Firewall Factory
• BloodHound
• Cartography
• Chainloop
• Checkov
• Cilium
• Cloudbeat
• Cloudquery
• CloudSploit
• DefectDojo
• Falco
• Fix Inventory
• Gapps
• Greenbone OpenVAS Scanner
• KubeArmor
• KubeScape
• Magpie
• Prowler
• S3Scanner
• Sadcloud
• ScoutSuite
• Steampipe
• tfsec
• ThreatMapper
• trivy
• Wazuh
• ZeusCloud

Security Categories / Glossary

• AI-SPM - AI Security Posture Management
• ASPM - Application Security Posture Management
• CAASM - Cyber Asset Attack Surface Management
• CASB - Cloud Access Security Brokers
• CCO - Corporate Compliance and Oversight
• CDR - Cloud Detection and Response
• CIEM - Cloud Infrastructure Entitlement Management
• CNAPP - Cloud-native Application Protection Platform
• CSPM - Cloud Security Posture Management
• CWPP - Cloud Workload Protection Platform
• CTEM - Continuous Threat Exposure Management
• DSPM - Data Security Posture Management
• EDR - Endpoint Detection and Response 
• GRC - Governance, Risk and Compliance
• IGA - Identity Governance Administration
• ITDR - Identity Threat Detection and Response
• KSPM - Kubernetes Security Posture Management
• MDR - Managed Detection and Response
• PAM - Privileged Access Management
• SIEM - Security Information and Event Management
• SOAR - Security Orchestration, Automation and Response
• SOC - Security Operations Center
• XDR - Extended Detection and Response
• XSIAM - Extended Security Intelligence and Automation Management

Security Resources

• Nextdoor CSPM Evaluation Matrix GitHub
• Simple CSPM - GCP CSPM using Google Sheets GitHub
• Prisma Cloud Channel Resource GitHub
• What is eBPF? eBPF Docs
• Building a Security Graph Application on Amazon Neptune GitHub

Security Newsletters

• CloudSecList by Marco Lancini
• Frankly Speaking by Frank Wang
• Securing the Cloud by Brandon Carroll
• tl;dr sec by Clint Gibler
• Venture in Security by Ross Haleliuk

Security Podcasts

• Brakeing Down Security
• CISO Tradecraft
• CyberWire Daily
• Darknet Diaries
• Google Cloud Security Podcast
• Hacking Humans
• Malicious Life
• Risky Business
• Security Now
• Smashing Security
• Privacy, Security, & OSINT Show
• Social-Engineer Podcast
• Unsupervised Learning

Security Frameworks

• CIS Benchmarks List
• CIS AWS Benchmarks
• CIS Google Cloud Computing Platform Benchmarks
• CIS Microsoft Azure Benchmarks
• CIS Oracle Cloud Benchmark
• ISO 27001/27002
• NIST Security and Privacy Controls for Information Systems and Organizations
• NIS 2
• System and Organization Controls (SOC)

Cyber Insurance

• Anzen | LinkedIn

Conferences

Community

• Chaos Communication Congress
• DEF CON
• GrrCon
• Hackers on Planet Earth (HOPE)
• HushCon
• Nullcon
• OWASP
• Security BSides
• ShmooCon
• THOTCON
• ToorCon
• Wild West Hackin' Fest

Industry

• AWS re:Invent
• Billington Cybersecurity Summit
• Black Hat
• Cyber Security & Cloud Expo
• Cybersec Europe
• Cybersecurity Summit
• CyberTech Global
• Deutscher IT Security Congress
• fwd:cloudsec
• FS-ISAC Summit
• Gartner Security & Risk Management Summit
• Infosecurity Europe
• Interop Tokyo
• IOT Solutions World Congress
• ISACA North America Conference
• it-sa
• RSA Conference
• SANS Cyber Threat Intelligence Summit
• Sector