Scan Cloud Environments with cnspec
Scan public clouds, private clouds, and Kubernetes for misconfigurations and vulnerabilities with cnspec. Choose your cloud platform to get started.
cnspec scans your cloud environments for misconfigurations, vulnerabilities, and compliance gaps without installing an agent on a single resource. It connects to each platform's API, evaluates your account against built-in security policies, and reports what's at risk.
New to cnspec? Read the Quickstart to install cnspec and run your first scan, then come back to scan your cloud.
Public clouds
Scan an entire cloud account or subscription against best practices for identity, storage, compute, networking, and dozens of other services.
Amazon Web Services
Scan AWS accounts, plus EC2 instances and Packer builds.
Microsoft Azure
Scan Azure subscriptions and virtual machines.
Google Cloud
Scan Google Cloud projects, instances, and Packer builds.
Oracle Cloud Infrastructure
Scan OCI tenancies for identity, networking, and storage risks.
DigitalOcean
Scan DigitalOcean accounts.
Hetzner Cloud
Scan Hetzner Cloud projects.
STACKIT
Scan STACKIT projects.
Equinix Metal
Scan Equinix Metal infrastructure.
OpenStack
Scan OpenStack projects.
Private clouds and virtualization
Scan your on-premises and self-managed virtualization platforms.
VMware
Scan VMware vSphere and Cloud Director environments.
Proxmox VE
Scan Proxmox VE clusters.
Nutanix
Scan Nutanix Prism Central environments.
Kubernetes
Shift security left
The same checks cnspec runs against your live cloud resources also run against the infrastructure as code that defines them. Scan your Terraform, CloudFormation, and Bicep before you deploy. See Scan Your Supply Chain.
Go further with Mondoo Platform
To continuously monitor your cloud accounts, track posture over time, and catch new misconfigurations as your infrastructure changes, register cnspec with Mondoo Platform.