Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.
Switch branches/tags
Clone or download
mikegrima Merge pull request #1111 from alanmbarr/loadpluginauditor
Allow  loading custom plugin auditors from entry points
Latest commit e632fdb Sep 20, 2018
Failed to load latest commit information.
dart Update item scoring to match issue scoring Jun 14, 2018
data Update Region lists Mar 12, 2018
docker Pin to Dart 1.24.x. Aug 6, 2018
docs Added missing IAM permission Sep 7, 2018
env-config Add header-based authentication support Jun 3, 2018
env_tests Fixed a bug in the batched watchers Feb 7, 2018
migrations Fix for DB error documented in #1005 May 18, 2018
nginx Update security_monkey.conf May 24, 2018
scripts SQS Batched CloudAux watcher Jan 25, 2018
security_monkey Merge pull request #1111 from alanmbarr/loadpluginauditor Sep 19, 2018
supervisor More path updates for celery runtime files Feb 1, 2018
.coveragerc [WIP] Coverage (#451) πŸ‘–πŸ‘• Nov 18, 2016
.dockerignore feature/docker (#433) 🐳 Nov 10, 2016
.gitignore Add swp files to gitignore Aug 6, 2018
.travis.yml fixup: invoke header_auth tests in Travis Jun 3, 2018
.venv Initial Commit Jun 29, 2014
AUTHORS Adding an option to allow group write for logfiles (#660) Apr 13, 2017
Dockerfile Better clarity to docker docs. Jul 18, 2018
LICENSE Initial Commit Jun 29, 2014
OSSMETADATA Adding osslifecycle=active to new file OSSMETADATA Dec 12, 2015 VPC watcher moved over to CloudAux. Apr 9, 2018 Some PEP8 Fixes. Mostly indentation. Aug 21, 2014
docker-compose.init.yml Updating the Docker files to work with 1.0 Feb 8, 2018 Fix Docker (#657) Apr 7, 2017
docker-compose.yml Docker speedup and celery config Apr 24, 2018
requirements.txt Bumped cloudaux version (See Netflix-Skunkworks/cloudaux/pull/84) Aug 1, 2018
secmonkey.env TravisCI docker-compose build(#685) Apr 19, 2017 Use requirements.txt to clean reqs Apr 24, 2018

Security Monkey

Security Monkey Logo 2017

Security Monkey monitors your AWS and GCP accounts for policy changes and alerts on insecure configurations. Support is available for OpenStack public and private clouds. Security Monkey can also watch and monitor your GitHub organizations, teams, and repositories.

It provides a single UI to browse and search through all of your accounts, regions, and cloud services. The monkey remembers previous states and can show you exactly what changed, and when.

Security Monkey can be extended with custom account types, custom watchers, custom auditors, and custom alerters.

It works on CPython 2.7. It is known to work on Ubuntu Linux and OS X.

Gitter chat

Develop Branch Master Branch
Build Status Build Status
Coverage Status Coverage Status


If you are upgrading to 1.0 for the first time, please review the Quickstart and the Autostarting documents as there is a new deployment pattern for Security Monkey. Also, new IAM permissions have been added.

Project resources

Instance Diagram

The components that make up Security Monkey are as follows (not AWS specific): diagram

Access Diagram

Security Monkey accesses accounts to scan via credentials it is provided ("Role Assumption" where available). diagram