AWS Kill Switch is an open-source incident response tool for quickly locking down AWS accounts and IAM roles during a security incident.
The solution includes a Lambda function and proof of concept client. You can either adopt this client or build your automation that calls the Lambda function to streamline containment.
“I recently left my role as Sr. Director, Security Engineering at Robinhood and have been using my free time to sharpen my skills as an individual contributor and contribute to open source. I find it stimulating and a great way to build stronger ties with the security community,” Jeffrey Lyon, the creator of AWS Kill Switch, told Help Net Security.