Skip to content
This repository has been archived by the owner on Sep 17, 2021. It is now read-only.


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?


Failed to load latest commit information.
Latest commit message
Commit time
August 4, 2019 16:36
July 16, 2020 21:52
September 5, 2019 16:44
May 24, 2018 20:07
August 6, 2018 14:15
July 5, 2020 08:49
June 29, 2014 14:39
June 29, 2014 14:39
October 30, 2020 14:10
July 5, 2020 08:49

NOTE: Security Monkey is in maintenance mode and will be end-of-life in 2020.

Security Monkey

Security Monkey Logo 2017

Security Monkey monitors your AWS and GCP accounts for policy changes and alerts on insecure configurations. Support is available for OpenStack public and private clouds. Security Monkey can also watch and monitor your GitHub organizations, teams, and repositories.

It provides a single UI to browse and search through all of your accounts, regions, and cloud services. The monkey remembers previous states and can show you exactly what changed, and when.

Security Monkey can be extended with custom account types, custom watchers, custom auditors, and custom alerters.

It works on CPython 2.7. It is known to work on Ubuntu Linux and OS X.

Gitter chat

Develop Branch Master Branch
Build Status Build Status
Coverage Status Coverage Status

Special Note:

Netflix's support for Security Monkey has been reduced for minor bug fixes only. That being said, we are happy to accept and merge pull-requests that fix bugs and add new features as appropriate.


If you are upgrading to 1.0 for the first time, please review the Quickstart and the Autostarting documents as there is a new deployment pattern for Security Monkey. Also, new IAM permissions have been added.

Project resources

Instance Diagram

The components that make up Security Monkey are as follows (not AWS specific): diagram

Access Diagram

Security Monkey accesses accounts to scan via credentials it is provided ("Role Assumption" where available). diagram