Cloud vendor security advisories

AWS, Microsoft, Google Cloud, Azure, GitHub, Cloudflare and Okta security advisories and status changes as one deduplicated event stream.

Watch the security bulletins and service-health feeds of the major cloud and infrastructure vendors in one place. New advisories, exploited vulnerabilities and major outages surface as normalized events you can route to Slack or a webhook. Every source here is a published RSS or Atom feed the Engine polls and deduplicates, so you see genuinely new advisories rather than re-emitted noise.

What it monitors

SourceURLTier
AWS Security Bulletinshttps://aws.amazon.com/security/security-bulletins/rss/feed/Feed
Microsoft MSRC Update Guidehttps://api.msrc.microsoft.com/update-guide/rssFeed
Google Cloud Service Healthhttps://status.cloud.google.com/feed.atomFeed
Azure statushttps://azurestatuscdn.azureedge.net/en-us/status/feed/Feed
GitHub statushttps://www.githubstatus.com/history.atomFeed
Cloudflare statushttps://www.cloudflarestatus.com/history.atomFeed
Okta Trust / statushttps://feeds.feedburner.com/OktaTrustRSSFeed

Instantiate it

Attach these sources to your library (and create the suggested alerts) with one call. Instantiation is idempotent and partial-success: a valid request always returns 200 with a per-source report, even when some sources fail.

bash
curl -X POST https://api.hypeline.io/v1/templates/cloud-vendor-security/instantiate \
  -H "X-API-Key: $HYPELINE_KEY" \
  -H "Content-Type: application/json" \
  -d '{"alerts":true}'

A successful response is a report you can act on:

json
{
  "template": "cloud-vendor-security",
  "version": 1,
  "status": "complete",
  "sources": [
    {
      "url": "https://aws.amazon.com/security/security-bulletins/rss/feed/",
      "status": "attached_new",
      "source_id": "0197a1b2-...",
      "detected_type": "feed"
    }
  ],
  "alerts": [
    {
      "name": "Critical or exploited vulnerabilities",
      "status": "created",
      "alert_id": "0199c3d4-...",
      "source_count": 1
    }
  ],
  "next_steps": {
    "add_destination": "/alerts/0199c3d4-.../destinations",
    "stream": "/v1/stream?..."
  },
  "summary": {
    "attached": 1,
    "already": 0,
    "failed": 0,
    "alerts_created": 1
  }
}

Suggested alerts

  • Critical or exploited vulnerabilitiescritical OR "remote code execution" OR "actively exploited" OR "zero-day" (en)
  • Major outagesoutage OR degraded OR "elevated error" (en)

Every event this watchlist emits is Ed25519-signed. See Verifying events to check a signature offline.