Search Try Aqua

CloudSploit by Aqua:
Cloud Security
Posture Management

Ensures security and compliance best practices for your public cloud IaaS, detecting configuration issues across AWS, Azure, Google Cloud and more.

Leading enterprises use CloudSploit to secure their public cloud deployments, making it easy to automate adherence to best practices.


Detect Cloud Risk

Continually audit cloud accounts for security risks and misconfigurations across hundreds of configuration settings.

Accelerate Remediation

Get detailed, actionable advice and links in scan reports and event alerts, enabling users to quickly fix and re-evaluate issues.

Multi-cloud, multi-service

Scan and monitor for issues across public clouds and dozens of services, ensuring consistent enforcement of security best practices.

Enterprise-grade integrations

Send events and alerts to Splunk, Slack, PagerDuty, OpsGenie, Microsoft Teams, and more.

Easy to deploy and use

CloudSploit is a SaaS solution that can protect your cloud accounts in minutes, supporting multiple users and accounts.

Get started with CloudSploit

Try CloudSploit
Multi-Cloud CSPM

CloudSploit covers dozens of services and hundreds of best-practice checks across AWS, Azure, Google Cloud, Oracle Cloud, and GitHub, providing a single source of truth for security posture and compliance across all your cloud accounts and geographies.

Webinar
Aqua Cloud Security Posture Management with CloudSploit
Blog
Announcing General Availability of CloudSploit by Aqua for GCP
Continuous CIS Benchmark Auditing

Get reports mapped to the popular CIS Foundation Benchmark tests for public clouds, allowing you to evaluate the security of your cloud accounts according to the best practices defined by the Center for Internet Security.

Extensive Reporting and Auditing

Use ready-made scans and reports for PCI-DSS and HIPAA compliance requirements. Get reports by region, cloud provider service category (e.g., AWS EC2, AWS S3), severity level, etc. Export as CSV or PDF. Customize alerts for specific types of checks and conditions.

Transparent Open Source Architecture

At its core, CloudSploit is based on open source, using a unique plug-in architecture that is easy to extend and enhance. Need to test a specific cloud service against a best practice that’s currently not covered? Creating a plug-in is easy. This also provides transparency into what is checked and how it is checked – great for auditors and compliance officers.

CloudSploit on GitHub ›
AWS CloudFormation and GitHub Checks

Automated security for “infrastructure as code” by checking CloudFormation templates and GitHub configuration for security risks before applications are deployed, essentially “shifting left” security and avoiding risk and security incidents when applications are deployed in production.

AWS CloudTrail Events Monitoring

Gain visibility into all cloud control-plane API calls in real time. Analyze events for security-sensitive events or potential malicious activity, based on out-of-the-box rules created by security experts, with no additional configuration required.

Dynamic Analysis of Container Images

Automatically scan container images in your cloud registries for hidden malware by dynamically analyzing their behavior in a secure sandbox. Discover sophisticated malware hidden in open source packages and 3rd party images, preventing attacks on your container-based applications, including credential theft, cryptocurrency mining, and data exfiltration.

More about Dynamic Container Analysis ›
Solution Sheet
Aqua Dynamic Threat Analysis (DTA) for Aqua CSPM
Built for Enterprise Scale

Manage multiple users and teams, enable SSO with SAML 2.0, and integrate with SIEM and collaboration tools including Splunk, Slack, OpsGenie, PagerDuty, Microsoft Teams and more. Fully documented RESTful API makes it easy to create additional integrations and automate workflows.

Useful Resources

Webinar
Aqua Cloud Security Posture Management with CloudSploit
Case Study
A CloudSploit Case Study:
Trek10's Three AWS Cloud Security Concerns
& One Solution
Solution Sheet
CloudSploit Solution Sheet
Blog
Expanding into CSPM and Deepening Cloud VM Security
Ready to take the plunge?
Try Aqua

    Aqua Security helps enterprises secure their cloud native applications from development to production, whether they run using containers, serverless, or virtual machines. Aqua bridges the gap between DevOps and security, promoting business agility and accelerating digital transformation.

    Aqua’s Cloud Native Security portfolio provides full visibility and security automation across the entire application lifecycle and infrastructure, using a modern zero-touch approach to detect and prevent threats while simplifying regulatory compliance. Aqua customers include some of the world’s largest financial services, software development, internet, media, hospitality and retail companies, with implementations across the globe spanning a broad range of cloud providers and on-premise technologies.

Privacy Policy | Terms of Use
Copyright © 2020 Aqua Security Software Ltd.