SpaceSiren – A Honey Token Manager And Alert System For AWS

SpaceSiren is a honey token manager and alert system for AWS. With this fully serverless application, you can create and manage honey tokens at scale — up to 10,000 per SpaceSiren instance — at close to no cost.[1]

How It Works

  • SpaceSiren provides an API to create no-permission AWS IAM users and access keys for those users.
  • You sprinkle the access keys wherever you like, for example in proprietary code or private data stores.
  • If one of those sources gets breached, an attacker is likely to use the stolen key to see what they can do with it.
  • You will receive an alert that someone attempted to use the key.

Alert Outputs

  • Email
  • PagerDuty
  • Slack
  • Pushover

Requirements
As with any open source project, this one assumes you have the required foundational tools and knowledge, mainly in AWS and Terraform.

Resources

  • Terraform >= 0.13
  • AWS CLI
  • A dedicated AWS account with admin access
  • A registered domain

Expertise

  • Basic Terraform
  • Basic REST API
  • Basic AWS CLI, S3, and Route 53
  • Basic AWS Organizations and IAM roles for cross-account access
  • Intermediate DNS (delegating a (sub)domain with NS records)

Contact
If you discover a critical security bug (e.g., one that would grant real access to an AWS account), please responsibly disclose it by email at call@spacesiren.io.
For general bugs or feature requests, please open a GitHub issue.

Attributions
Special thanks to:

  • Atlassian for Project SpaceCrab, the inspiration for this project. If you want to read about why I started SpaceSiren, please see my SpaceCrab critique page.
  • The wonderful and talented Alia Mancisidor for the artwork.
  • Everyone who volunteered to test this application for me.

Footnotes

  1. Although SpaceSiren was designed to run as cheaply as possible, even for individuals, it will not be completely free of operating costs. You will incur nominal charges for DynamoDB, Lambda, API Gateway, Route 53, and possibly CloudTrail, depending on your configuration. You should expect to spend between $1 and $5 per month to run SpaceSiren. Of course, the project's maintainers are not responsible for any actual costs you incur. You should closely monitor your AWS bill while it is in use.
