DEV Community

I Built a Four‑Cloud Security Scanner That Auto‑Fixes Attack Chains – Here's How

The Problem

Cloud security tools like Wiz and Orca are incredibly powerful – but they cost millions of dollars and are closed source. Small teams, startups, and individual developers simply can't afford them.

I wanted to build something that:

  • ✅ Scans AWS, GCP, Azure, and OCI (all 4 major clouds)
  • ✅ Finds vulnerabilities automatically
  • ✅ Fixes them without human intervention
  • ✅ Is completely free and open source

So I built APCSS (Automated Protection of Cloud Security System).

What APCSS Does

Feature Description
Four-Cloud Scanning AWS · GCP · Azure · OCI – in one command
Attack Path Graph Shows exactly how an attacker would move from the Internet to your sensitive data
Auto-Fix Attack Chains Automatically fixes S3, Security Groups, EC2 ports, and IAM roles – breaks the entire chain
Live Dashboard Real-time monitoring with alerts and attack path visualisation
PDF Compliance Reports Generate reports for PCI-DSS, HIPAA, and SOC2 – auditor-ready
Drift Detection Learns your environment and alerts you when something changes (e.g., a new public bucket)

How It Works

  1. Scan All 4 Clouds in One Command
python scanner.py 127.0.0.1 --cloud --fix --db --yes

Comments

No comments yet. Start the discussion.