🗂️ Navigation
📁 Infrastructure as Code
📋 IaC Security Scanning
🔧 CloudSploit by Aqua

CloudSploit by Aqua

Cloud Security Auditing and Monitoring.

Visit Website →

Overview

CloudSploit, now part of Aqua Security, is a security and compliance scanning tool for cloud environments. It scans cloud accounts for potential security risks and misconfigurations. The open-source version provides on-demand scanning, while the commercial SaaS offering provides continuous monitoring, reporting, and integrations. It is primarily a CSPM tool but is relevant to IaC as it checks the resulting posture of deployed infrastructure.

✨ Key Features

  • Scans AWS, Azure, GCP, and Oracle Cloud
  • Hundreds of security and compliance checks
  • Continuous monitoring and alerting (SaaS version)
  • Compliance reporting (CIS, PCI, HIPAA)
  • Open-source scanner available

🎯 Key Differentiators

  • Strong open-source offering.
  • Simple and easy-to-use interface.
  • Focused on cloud security posture management.

Unique Value: Provides a simple and effective way to audit and monitor cloud security posture, with a strong open-source option for teams that want to get started quickly.

🎯 Use Cases (4)

Auditing cloud security posture. Continuous compliance monitoring. Detecting cloud misconfigurations. Validating the security of deployed IaC.

✅ Best For

  • Running periodic scans to ensure compliance with CIS benchmarks.
  • Receiving real-time alerts on critical misconfigurations.
  • Generating compliance reports for auditors.

💡 Check With Vendor

Verify these considerations match your specific requirements:

  • Organizations that need pre-deployment, static analysis of IaC files.

🏆 Alternatives

Prowler Scout Suite CSPM platforms

While it is a runtime scanner, not a static IaC scanner, it provides the crucial function of verifying that deployed infrastructure is actually secure and compliant, complementing IaC scanning tools.

💻 Platforms

Web CLI

🔌 Integrations

AWS Azure GCP Oracle Cloud Slack Splunk

🛟 Support Options

  • ✓ Email Support
  • ✓ Dedicated Support (SaaS tier)

🔒 Compliance & Security

✓ SOC 2 ✓ HIPAA ✓ BAA Available ✓ GDPR ✓ ISO 27001 ✓ SSO ✓ Part of Aqua Security's compliance program (SOC 2, ISO 27001)

💰 Pricing

Contact for pricing
Free Tier Available

✓ 14-day free trial

Free tier: Open-source version is free for on-demand scanning.

Visit CloudSploit by Aqua Website →

🔄 Similar Tools in IaC Security Scanning

Snyk

Finds and fixes vulnerabilities in code, open source, containers, and IaC....

$25.00/mo

Prisma Cloud by Palo Alto Networks

Secures applications from code to cloud across multicloud environments....

Contact

Wiz

A CNAPP that provides full stack visibility and security....

Contact

Orca Security

Provides comprehensive, agentless security and compliance for the cloud....

Contact

Lacework

Automates cloud security and compliance for multicloud environments....

Contact

CrowdStrike Falcon Cloud Security

Extends CrowdStrike's EDR leadership to cloud security....

Contact