Cloud vendor security advisories
AWS, Microsoft, Google Cloud, Azure, GitHub, Cloudflare and Okta security advisories and status changes as one deduplicated event stream.
Watch the security bulletins and service-health feeds of the major cloud and infrastructure vendors in one place. New advisories, exploited vulnerabilities and major outages surface as normalized events you can route to Slack or a webhook. Every source here is a published RSS or Atom feed the Engine polls and deduplicates, so you see genuinely new advisories rather than re-emitted noise.
What it monitors
| Source | URL | Tier |
|---|---|---|
| AWS Security Bulletins | https://aws.amazon.com/security/security-bulletins/rss/feed/ | Feed |
| Microsoft MSRC Update Guide | https://api.msrc.microsoft.com/update-guide/rss | Feed |
| Google Cloud Service Health | https://status.cloud.google.com/feed.atom | Feed |
| Azure status | https://azurestatuscdn.azureedge.net/en-us/status/feed/ | Feed |
| GitHub status | https://www.githubstatus.com/history.atom | Feed |
| Cloudflare status | https://www.cloudflarestatus.com/history.atom | Feed |
| Okta Trust / status | https://feeds.feedburner.com/OktaTrustRSS | Feed |
Instantiate it
Attach these sources to your library (and create the suggested alerts) with one call. Instantiation is idempotent and partial-success: a valid request always returns 200 with a per-source report, even when some sources fail.
curl -X POST https://api.hypeline.io/v1/templates/cloud-vendor-security/instantiate \
-H "X-API-Key: $HYPELINE_KEY" \
-H "Content-Type: application/json" \
-d '{"alerts":true}'A successful response is a report you can act on:
{
"template": "cloud-vendor-security",
"version": 1,
"status": "complete",
"sources": [
{
"url": "https://aws.amazon.com/security/security-bulletins/rss/feed/",
"status": "attached_new",
"source_id": "0197a1b2-...",
"detected_type": "feed"
}
],
"alerts": [
{
"name": "Critical or exploited vulnerabilities",
"status": "created",
"alert_id": "0199c3d4-...",
"source_count": 1
}
],
"next_steps": {
"add_destination": "/alerts/0199c3d4-.../destinations",
"stream": "/v1/stream?..."
},
"summary": {
"attached": 1,
"already": 0,
"failed": 0,
"alerts_created": 1
}
}Suggested alerts
- Critical or exploited vulnerabilities —
critical OR "remote code execution" OR "actively exploited" OR "zero-day"(en) - Major outages —
outage OR degraded OR "elevated error"(en)
Every event this watchlist emits is Ed25519-signed. See Verifying events to check a signature offline.