A new open-source tool from Duo called CloudTracker, now available on Github, analyzes Amazon Web Services (AWS) CloudTrail logs to ensure the principle of least privileges for Identity and Access Management (IAM) users. The tool ensures that IAM privileges any actors were granted are actually being used.

Check out the blog post by Scott Piper, an AWS security consultant at Summit Route, for much more on CloudTrail logs, using CloudTracker with ElasticSearch and Mozilla’s Hindsight, as well as CloudTracker use case examples: https://duo.com/blog/introducing-cloudtracker-an-aws-cloudtrail-log-analyzer