
cloudsploit
Cloud Security Posture Management (CSPM)
The Lens
CloudSploit scans your cloud accounts for security risks and misconfigurations, in the same family as Prowler and ScoutSuite. It checks AWS, Azure, GCP, and Oracle Cloud against a library of tests: exposed storage, permissive firewall rules, unencrypted resources, missing logging. It's open source, maintained by Aqua Security.
You run it as a Node.js tool with read-only credentials, and it outputs findings you can pipe into CI or a report. Like the other open source scanners, it's stateless: run, review, remediate, repeat. No agent, no infrastructure to babysit.
The repo is free. Aqua sells a broader commercial cloud security platform, but you don't need it to use the scanner. For teams choosing between open source CSPM tools: Prowler has the widest compliance mapping, ScoutSuite the cleanest report, CloudSploit sits comfortably in between.
The catch: the open source project gets less attention than Aqua's commercial product, so check recent commit activity before you build a workflow around it. For a core scan it's solid; for bleeding-edge cloud coverage, the paid platforms move faster.
Free vs Self-Hosted vs Paid
fully freeSelf-hosted (free): The CloudSploit scanner under GPL, a Node.js tool that checks AWS, Azure, GCP, and Oracle Cloud for misconfigurations against a library of tests. Runs with read-only credentials, outputs findings for CI or reports. Stateless.
Commercial: Aqua Security sells a broader commercial cloud security platform, but it's a separate product, not a paid tier of the open source scanner.
The call: Fine as a free CSPM scanner. Among the open source options, Prowler has the widest compliance mapping and ScoutSuite the cleanest report.
The scanner is free and open source. Aqua sells a separate, broader commercial platform you don't need to run it.
Get tools like this every Wednesday
One featured tool, three on the radar. No fluff.
About
- Owner
- Aqua Security (Organization)
- Stars
- 3,749
- Forks
- 746
Explore Further
More tools in the directory
openclaw
Your own personal AI assistant. Any OS. Any Platform. The lobster way. 🦞
381.5k ★everything-claude-code
The agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond.
225.3k ★hermes-agent
The agent that grows with you
208.2k ★