CloudSploit by Aqua:
Cloud Security
Posture Management

Ensures security and compliance best practices for your public cloud IaaS, detecting configuration issues across AWS, Azure, Google Cloud and more.

Leading enterprises use CloudSploit to secure their public cloud deployments, making it easy to automate adherence to best practices.

Detect Cloud Risk

Continually audit cloud accounts for security risks and misconfigurations across hundreds of configuration settings.

Accelerate Remediation

Get detailed, actionable advice and links in scan reports and event alerts, enabling users to quickly fix and re-evaluate issues.

Multi-cloud, multi-service

Scan and monitor for issues across public clouds and dozens of services, ensuring consistent enforcement of security best practices.

Enterprise-grade integrations

Send events and alerts to Splunk, Slack, PagerDuty, OpsGenie, Microsoft Teams, and more.

Easy to deploy and use

CloudSploit is a SaaS solution that can protect your cloud accounts in minutes, supporting multiple users and accounts.
Multi-Cloud CSPM

CloudSploit covers dozens of services and hundreds of best-practice checks across AWS, Azure, Google Cloud, Oracle Cloud, and GitHub, providing a single source of truth for security posture and compliance across all your cloud accounts and geographies.

Continuous CIS Benchmark Auditing

Get reports mapped to the popular CIS Foundation Benchmark tests for public clouds, allowing you to evaluate the security of your cloud accounts according to the best practices defined by the Center for Internet Security.

Extensive Reporting and Auditing

Use ready-made scans and reports for PCI-DSS and HIPAA compliance requirements. Get reports by region, cloud provider service category (e.g., AWS EC2, AWS S3), severity level, etc. Export as CSV or PDF. Customize alerts for specific types of checks and conditions.

Transparent Open Source Architecture

At its core, CloudSploit is based on open source, using a unique plug-in architecture that is easy to extend and enhance. Need to test a specific cloud service against a best practice that’s currently not covered? Creating a plug-in is easy. This also provides transparency into what is checked and how it is checked – great for auditors and compliance officers.

CloudSploit on GitHub ›
AWS CloudFormation and GitHub Checks

Automated security for “infrastructure as code” by checking CloudFormation templates and GitHub configuration for security risks before applications are deployed, essentially “shifting left” security and avoiding risk and security incidents when applications are deployed in production.

AWS CloudTrail Events Monitoring

Gain visibility into all cloud control-plane API calls in real time. Analyze events for security-sensitive events or potential malicious activity, based on out-of-the-box rules created by security experts, with no additional configuration required.

Dynamic Analysis of Container Images

Automatically scan container images in your cloud registries for hidden malware by dynamically analyzing their behavior in a secure sandbox. Discover sophisticated malware hidden in open source packages and 3rd party images, preventing attacks on your container-based applications, including credential theft, cryptocurrency mining, and data exfiltration.

More about Dynamic Container Analysis ›
Built for Enterprise Scale

Manage multiple users and teams, enable SSO with SAML 2.0, and integrate with SIEM and collaboration tools including Splunk, Slack, OpsGenie, PagerDuty, Microsoft Teams and more. Fully documented RESTful API makes it easy to create additional integrations and automate workflows.