FAQ
FAQs for reports and tools
CloudSploit can produce cloud IaaS-level scan reports, printable (top-level summary) reports, compliance reports, trend reports, historical information repo...
Sun, 10 Nov, 2019 at 11:57 AM
The CloudSploit Org-Wide Report enables single-pane-of-glass insight into all connected cloud IaaS accounts, with filters for regions and plugins. This repo...
Sun, 10 Nov, 2019 at 11:58 AM
Yes. Scan reports can be exported as CSV or PDF. Org-Wide reports can be exported to CSV in multiple formats.
Mon, 27 Apr, 2020 at 8:48 AM
The CloudFormation Scanner tool is used to provide static analysis of CloudFormation templates to locate potential security risks that would be introduced b...
Sun, 10 Nov, 2019 at 11:58 AM
The CloudFormation Scanner can locate misconfigurations in EC2, RDS, IAM, ElasticSearch, VPC, Redshift, SNS, and numerous other services.
Sun, 10 Nov, 2019 at 11:58 AM
Yes. Please note that YAML templates are converted to JSON using the cfn-flip utility, which may lack support for some custom AWS-specific YAML properties.
Sun, 10 Nov, 2019 at 11:59 AM
The CloudFormation Scanner can not currently follow complex conditional logic that uses CloudFormation references (Ref) or conditions (If). For example, a s...
Sun, 10 Nov, 2019 at 11:59 AM
The Live Run tool allows users to run a single plugin against a connected cloud IaaS account and receive results in real-time, along with a copy of the API ...
Sun, 10 Nov, 2019 at 11:59 AM
CloudSploit’s cloud visualizers allow users to scan for common security risks (open S3 buckets, misconfigured IAM roles, etc) and view the results, with vis...
Sun, 10 Nov, 2019 at 11:59 AM
Yes. The AWS S3 Visualizer tool scans all S3 buckets for policy and ACL violations that would result in the bucket being publicly exposed.
Sun, 10 Nov, 2019 at 11:59 AM