Introducing GuardPost
Defend your cloud infrastructure with unprecedented visibility and control
Hey everyone,
Today, I'm excited to unveil what I've been working on for the past few weeks. I've always felt like Cybersecurity should be easier and more transparent than it's currently portrayed by some of the incumbents. Companies like Wiz, Palo Alto Networks, CrowdStrike, etc., often keep their methods close to their chest, as if it's some kind of magic – and let's be honest, every post or video about cybersecurity seems to feature some faceless person in a dark hoodie, hacking away in the Matrix.
Cybersecurity is actually not that different from normal software development. Similar to my journey with WhiteRabbitNeo, I want to build my next product, GuardPost, completely in the open.
So today, I'm incredibly excited to introduce you to GuardPost! GuardPost is a cloud-native security platform, and I'm officially releasing GuardPost Core – the foundational security engine that powers the entire GuardPost platform. It's designed from the ground up to give you unprecedented visibility and control over your cloud infrastructure, starting with AWS.
What's in the GuardPost Core MVP?
This initial MVP release is packed with the core essentials:
⚡ Comprehensive AWS Scanning: We're starting with deep scanning for key AWS services: IAM (identities and access), EC2 (your virtual servers), VPC (your virtual networks), S3 (your storage buckets), RDS (your databases), and Lambda (your serverless functions).
🕸️ Powerful Graph-Based Analysis: This is where GuardPost really starts to shine. We're not just looking at resources in isolation. GuardPost Core builds a Neo4j graph database to map out your AWS resources and, crucially, their intricate relationships. This is the key to uncovering complex attack paths and understanding true blast radius – something often missed by traditional list-based tools.
🎯 Foundational Security Checks: Even in this MVP, GuardPost Core identifies common, significant misconfigurations and security weaknesses based on established AWS best practices. No magic, just solid, understandable checks.
⚙️ Robust API First: GuardPost Core is built API-first. It features a REST API with JWT authentication, allowing you to access scan data, findings, and integrate GuardPost into your existing workflows and automation.
🧱 Solid & Open Foundation: Built with a scalable architecture using PostgreSQL for findings storage and Celery for distributed task management. And of course, the core itself is open for you to explore and build upon!
Why is this MVP exciting for me (and hopefully for you!)?
This release is about laying down the tracks for a new way to approach cloud security. The graph-based backend is the cornerstone, ready to be enhanced with more sophisticated analyses. You can already get tangible value by understanding your AWS environment's interconnectedness. The client.py script included in the repo gives you a direct way to interact with these core functionalities today.
What's Next?
This MVP is just the beginning of the GuardPost journey:
🚀 Post-MVP Core Enhancements: We'll be continuously adding more depth to our analysis, refining the graph capabilities (more relationship types, richer context!), and expanding coverage to more AWS services and even other cloud providers down the line.
🤖 The GuardPost AI Agent & Client CLI: This is where things get really interesting. Concurrently, we're developing the GuardPost AI Agent. This will be your intelligent partner for cloud security, leveraging the Model Context Protocol (MCP) to provide:
A natural language, conversational interface to your security data.
Advanced analytical tools, including a Python execution sandbox (imagine asking complex questions and having the AI write and run Pandas scripts on your security data!).
Streamlined workflows and proactive insights.
The Client CLI will be the primary way to interact with this powerful agent.
🤝 Community & Transparency: Building in the open means your feedback is crucial. As you explore the MVP, I'd love to hear your thoughts, suggestions, and what you'd like to see next. This isn't a black box; it's a collaborative effort.
Get Started & Join the Journey:
Dive into the Code: https://github.com/trinity-cloud/guardpost-core
Quick Start: Check out the README – Docker Compose will get you up and running quickly.
Explore Your Graph: Connect to Neo4j and see your AWS environment like never before.
Share Your Thoughts: Join the discussion here on Discord!
A massive thank you to everyone who's shown interest and support so far. This is a big step, but it's truly just the first. Let's make cloud security more understandable, accessible, and effective – together!
Stay secure! 🛡️