Welcome to OpenSecOps! This platform provides enterprise-grade security automation for AWS environments through two main products: Foundation and SOAR. Some components have been open-source for a long time and can be used stand-alone.
All products have passed stringent AWS Foundational Technical Reviews and are battle-tested and in active use in the industry.
Cloud infrastructure foundation implementing AWS best practices with features including:
- AWS Control Tower integration
- Centralized logging and archival
- Text-based AWS configuration management
- Single Sign-On (SSO) with multi-factor authentication
- Just-In-Time (JIT) elevated access management
Security automation platform with serverless architecture including:
- AWS Security Hub integration
- Automated incident response with predefined playbooks
- Forensic analysis capabilities
- Ticketing system integration (Jira, ServiceNow)
- AI-powered security reporting
To install OpenSecOps, clone the Installer repository and follow the instructions in its README.
Comprehensive documentation is available in the Documentation repository, including:
- Installation Manual - Complete deployment guide
- Technical Design Specification - Architecture details
- Standard Operating Procedures - Day-to-day management
- Installation Manual - Step-by-step deployment
- Technical Design Specification - Architecture and design
- Standard Operating Procedures - Operational tasks
- Component-specific SOPs:
- Code of Conduct - Our community standards
- Contributing Guidelines - How to contribute to OpenSecOps
- Pull Request Template - Template for submitting pull requests
- Issue Templates - Templates for creating issues
- Bug Report - Report a bug
- Feature Request - Suggest a new feature
- Security Policy - Reporting security vulnerabilities
Visit our website at https://opensecops.org for additional information, including technical details and stakeholder-focused material.
The OpenSecOps newsletter provides updates on our open-source AWS security and operations platform. Subscribe to receive announcements about new features, security best practices, implementation tips, and community contributions. We'll share insights about both our Foundation (AWS infrastructure best practices) and SOAR (security automation) components, along with practical guidance for deploying and managing secure cloud environments. This low-volume newsletter helps you stay informed about this project that reduces AWS setup from person-years to just days.
