About This Tool

ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks

Primary Use Case

ElectricEye is designed for security professionals and cloud engineers who need to continuously assess and harden their cloud service provider (CSP) and SaaS environments across multiple platforms such as AWS, GCP, Azure, OCI, ServiceNow, Microsoft 365, and Salesforce. It enables organizations to identify security, resilience, performance, and financial risks by running extensive automated checks and generating actionable reports to improve their security posture.

Key Features

Supports multi-cloud and multi-SaaS environments including AWS, GCP, Azure, OCI, ServiceNow, Microsoft 365, and Salesforce

Over 1000 automated checks covering security, resilience, performance, and financial best practices

Cross-account and cross-region scanning capabilities

Controls mapped to over 20 industry, regulatory, and best practice frameworks

Python CLI tool with Docker images available for easy deployment

Attack surface monitoring and asset management across hundreds of services

Integration with CI/CD pipelines via GitHub Actions and container registries

Outputs detailed reports for security posture management and compliance

Insights & Recommendations

ElectricEye requires appropriate credentials and permissions for each cloud and SaaS platform to perform scans effectively. Users should ensure they configure authentication securely and follow best practices for credential management. The tool's extensive checks and multi-cloud support make it suitable for integration into automated security workflows and CI/CD pipelines.

Installation

Ensure Python is installed on your system
Clone the repository: git clone https://github.com/jonrau1/ElectricEye.git
Navigate to the ElectricEye directory: cd ElectricEye
Install dependencies (if specified in documentation or requirements file)
Alternatively, pull the official Docker image: docker pull electriceye/electriceye
Run ElectricEye using the CLI or Docker container as per your environment

Usage

electriceye scan aws

Run ElectricEye scans against AWS environments to perform security posture and asset management checks

electriceye scan gcp

Execute ElectricEye checks on Google Cloud Platform resources

docker run electriceye/electriceye scan azure

Run ElectricEye scans for Azure cloud resources using the official Docker container

electriceye scan m365

Perform security posture assessments on Microsoft 365 Enterprise environments

electriceye scan sfdc

Run security and asset management checks against Salesforce environments

Smart Usage Notes

Integrate ElectricEye into CI/CD pipelines for continuous posture assessment and automated remediation workflows.Leverage its multi-cloud and multi-SaaS support to unify security posture monitoring across diverse environments.Use its detailed reports to prioritize remediation efforts and align with compliance requirements across frameworks.Combine ElectricEye findings with SIEM and SOAR platforms to enhance detection and response capabilities.Develop custom checks using the developer guide to tailor security posture assessments to organizational policies.

OpenSec Atlas

ElectricEye