Cloud Scanners
Configure and manage cloud infrastructure scanners for AWS, Azure, and Google Cloud Platform
🔶
Amazon Web Services (AWS)
Scan EC2 instances, S3 buckets, RDS databases, IAM roles, and more across your AWS infrastructure
Not Configured
Scanning Capabilities
EC2 instance scanning
S3 bucket security analysis
IAM permissions audit
RDS database configuration
Lambda function security
CloudTrail monitoring
☁️
Microsoft Azure
Scan virtual machines, storage accounts, SQL databases, Key Vaults, and Azure AD across your Azure subscriptions
Not Configured
Scanning Capabilities
Virtual machine scanning
Storage account security
Azure AD permissions
SQL database configuration
Key Vault analysis
Network security groups
🔴
Google Cloud Platform (GCP)
Scan Compute Engine instances, Cloud Storage buckets, Cloud SQL, IAM, and Cloud Functions in your GCP projects
Not Configured
Scanning Capabilities
Compute Engine scanning
Cloud Storage security
IAM permissions audit
Cloud SQL configuration
Cloud Functions security
KMS key management
About Cloud Scanners
Security Best Practices
- Use dedicated service accounts/roles with read-only permissions
- Prefer cross-account roles (AWS) or service principals (Azure) over long-term credentials
- Enable CloudTrail/Activity Logs to audit scanner access
- Rotate credentials regularly and use external IDs (AWS) for additional security
What We Scan
Our cloud scanners perform read-only operations to inventory your infrastructure, identify security misconfigurations, and assess compliance with best practices. No changes are made to your cloud resources during scanning.