ZeusCloud: The Next-Gen Open Source Cloud Security Solution

The field of cloud computing is growing quickly, and security threats and problems have grown at the same rate. ZeusCloud is a new open-source cloud security tool that is made to deal with the risks and weaknesses of today.

ZeusCloud is a game-changer because it has a full set of features, from keeping track of assets and risks to making sure compliance is always met. Learn more about ZeusCloud and how it is changing the way AWS and other cloud users think about security.

Discover, prioritize, and remediate your risks in the cloud.

• Build an asset inventory of your AWS accounts.
• Discover attack paths based on public exposure, IAM, vulnerabilities, and more.
• Prioritize findings with graphical context.
• Remediate findings with step by step instructions.
• Customize security and compliance controls to fit your needs.
• Meet compliance standards PCI DSS, CIS, SOC 2, and more!

Table Of Contents

• Quick Start
• Sandbox
• Features
• Why ZeusCloud?
• Future Roadmap
• Contributing
• Development
• Security
• Open source vs. paid

Quick Start

1. Clone repo: git clone --recurse-submodules git@github.com:Zeus-Labs/ZeusCloud.git
2. Run: cd ZeusCloud && make quick-deploy
3. Visit

Check out our Get Started guide for more details.

A cloud-hosted version is available on special request – email founders@zeuscloud.io to get access!

Sandbox

Play around with our sandbox environment to see how ZeusCloud identifies, prioritizes, and remediates risks in the cloud!

Features

• Discover Attack Paths – Discover toxic risk combinations an attacker can use to penetrate your environment.
• Graphical Context – Understand context behind security findings with graphical visualizations.
• Access Explorer – Visualize who has access to what with an IAM visualization engine.
• Identify Misconfigurations – Discover the highest risk-of-exploit misconfigurations in your environments.
• Configurability – Configure which security rules are active, which alerts should be muted, and more.
• Security as Code – Modify rules or write your own with our extensible security as code approach.
• Remediation – Follow step by step guides to remediate security findings.
• Compliance – Ensure your cloud posture is compliant with PCI DSS, CIS benchmarks and more!

Why ZeusCloud?

Cloud usage continues to grow. Companies are shifting more of their workloads from on-prem to the cloud and both adding and expanding new and existing workloads in the cloud. Cloud providers keep increasing their offerings and their complexity. Companies are having trouble keeping track of their security risks as their cloud environment scales and grows more complex. Several high profile attacks have occurred in recent times. Capital One had an S3 bucket breached, Amazon had an unprotected Prime Video server breached, Microsoft had an Azure DevOps server breached, Puma was the victim of ransomware, etc.

We had to take action.

• We noticed traditional cloud security tools are opaque, confusing, time consuming to set up, and expensive as you scale your cloud environment
• Cybersecurity vendors don’t provide much actionable information to security, engineering, and devops teams by inundating them with non-contextual alerts
• ZeusCloud is easy to set up, transparent, and configurable, so you can prioritize the most important risks
• Best of all, you can use ZeusCloud for free!

Future Roadmap

• Integrations with vulnerability scanners
• Integrations with secret scanners
• Shift-left: Remediate risks earlier in the SDLC with context from your deployments
• Support for Azure and GCP environments

Contributing

We love contributions of all sizes. What would be most helpful first:

• Please give us feedback in our Slack.
• Open a PR (see our instructions below on developing ZeusCloud locally)
• Submit a feature request or bug report through Github Issues.

Development

Run containers in development mode:

cd frontend && yarn && cd -
docker-compose down && docker-compose -f docker-compose.dev.yaml --env-file .env.dev up --build

Reset neo4j and/or postgres data with the following:

rm -rf .compose/neo4j
rm -rf .compose/postgres

To develop on frontend, make the the code changes and save.

To develop on backend, run

docker-compose -f docker-compose.dev.yaml --env-file .env.dev up --no-deps --build backend

To access the UI, go to.

Security

Please do not run ZeusCloud exposed to the public internet. Use the latest versions of ZeusCloud to get all security related patches. Report any security vulnerabilities to founders@zeuscloud.io.

Open-Source vs. Cloud-Hosted

This repo is freely available under the Apache 2.0 license.

We’re working on a cloud-hosted solution which handles deployment and infra management. Contact us at founders@zeuscloud.io for more information!

Special thanks to the amazing Cartography project, which ZeusCloud uses for its asset inventory. Credit to PostHog and Airbyte for inspiration around public-facing materials – like this README!