Question 1

How to set up Security Monkey for AWS monitoring?

Accepted Answer

Follow the Quickstart guide which details the new deployment pattern and IAM permissions for role assumption, but note the project is in maintenance mode so expect outdated dependencies.

Question 2

Security Monkey vs AWS Config: which should I use?

Accepted Answer

Security Monkey offers multi-platform support including GitHub, while AWS Config is AWS-native and more integrated for AWS-only setups. However, Security Monkey is end-of-life, so AWS Config is preferable for AWS-focused teams.

Question 3

Does Security Monkey support Microsoft Azure?

Accepted Answer

No, the README only lists AWS, GCP, OpenStack, and GitHub; there is no mention of Azure support, making it unsuitable for Azure-centric environments.

Question 4

How to add custom auditors in Security Monkey?

Accepted Answer

Refer to the development documentation on adding auditors, which allows extending security checks, but be aware that the codebase is Python 2.7 and may require legacy compatibility.

Question 5

What are good alternatives to Security Monkey?

Accepted Answer

For AWS, use AWS Config; for GCP, use Cloud Asset Inventory; for cross-platform needs, consider tools like Cloud Custodian or commercial SIEM solutions, as Security Monkey is deprecated.

Question 6

Is Security Monkey still actively maintained?

Accepted Answer

No, Netflix has placed it in maintenance mode with end-of-life in 2020, so only community contributions handle minor fixes, and no new features are added.

security_monkey

What is security_monkey?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Open Source Alternative To

Frequently Asked Questions