Comprehensive cloud security scans.

Discover, inventory, and search any object in your clouds, workloads, and APIs.

An abundance of integrations

Security scanner

Find misconfigurations and common security problems across all systems.


Scan any Linux distro running on servers, VMs, containers or embedded devices. Find vulnerabilities and other security issues.


Scan any MacOS system for vulnerabilities and security issues.


Scan any Windows system on servers or endpoints for vulnerabilities and security issues.

Amazon Web Services (AWS)

Scan everything in AWS, including accounts, EC2 instances, S3 buckets, EKS clusters, IAM users and more.


Scan everything in Azure, including accounts, VMs, storage objects, AKS clusters, MS365 and more.

Google Cloud

Scan everything in Google Cloud, including accounts, GCE VMs, GCS buckets, GKE clusters, IAM users and more.


Scan Kubernetes clusters and manifests, containers and images, and all other objects. Use cnspec as a kubernetes operator.


Scan any API, service (GitHub, GitLab, Atlassian, Okta), network host (HTTP, TLS, DNS) and many more.


Scan all Terraform objects across HCL configs, as well as plan and state files.


Providers — connectors to different technologies


Resources  — individual objects inside of providers


Fields — structured data describing objects

We also made cnquery, which lets you answer any question about your infrastructure

Custom policies

You can create your own policies with cnspec. These are YAML files with MQL queries, which can be run with cnspec anywhere.

Comprehensive cloud 
security scans.