Tools/aquasecurity/cloudsploit

cloudsploit

Cloud Security Posture Management (CSPM)

3.7kemergingJavaScriptGNU General Public License v3.0

The Lens

CloudSploit scans your cloud accounts for security risks and misconfigurations, in the same family as Prowler and ScoutSuite. It checks AWS, Azure, GCP, and Oracle Cloud against a library of tests: exposed storage, permissive firewall rules, unencrypted resources, missing logging. It's open source, maintained by Aqua Security.

You run it as a Node.js tool with read-only credentials, and it outputs findings you can pipe into CI or a report. Like the other open source scanners, it's stateless: run, review, remediate, repeat. No agent, no infrastructure to babysit.

The repo is free. Aqua sells a broader commercial cloud security platform, but you don't need it to use the scanner. For teams choosing between open source CSPM tools: Prowler has the widest compliance mapping, ScoutSuite the cleanest report, CloudSploit sits comfortably in between.

The catch: the open source project gets less attention than Aqua's commercial product, so check recent commit activity before you build a workflow around it. For a core scan it's solid; for bleeding-edge cloud coverage, the paid platforms move faster.

Free vs Self-Hosted vs Paid

fully free

Self-hosted (free): The CloudSploit scanner under GPL, a Node.js tool that checks AWS, Azure, GCP, and Oracle Cloud for misconfigurations against a library of tests. Runs with read-only credentials, outputs findings for CI or reports. Stateless.

Commercial: Aqua Security sells a broader commercial cloud security platform, but it's a separate product, not a paid tier of the open source scanner.

The call: Fine as a free CSPM scanner. Among the open source options, Prowler has the widest compliance mapping and ScoutSuite the cleanest report.

The scanner is free and open source. Aqua sells a separate, broader commercial platform you don't need to run it.

Self-hosting ops:trivial

Get tools like this every Wednesday

One featured tool, three on the radar. No fluff.

Score
52/100 · C+
Adoption17/30
Maintenance10/25
Community5/20
License10/15
Analysis10/10

About

Owner
Aqua Security (Organization)
Stars
3,749
Forks
746

Explore Further

More tools in the directory