CloudSploit

CloudSploit by Aqua is an open-source Cloud Security Posture Management (CSPM) tool. It identifies security misconfigurations in cloud infrastructure accounts.

Key features:

• Multi-Cloud Support: Scans AWS, Azure, GCP, Oracle Cloud Infrastructure (OCI), and GitHub.
• Compliance Mapping: Maps plugins to compliance policies like HIPAA, PCI, and CIS Benchmarks.
• Customizable Output: Supports console, CSV, JSON, and JUnit XML output formats.
• Suppression: Allows suppressing results using regular expressions.
• Docker Support: Can be run within Docker containers.
• Plugin Architecture: Extensible architecture for writing custom security checks.

Use cases:

• Automated security auditing of cloud environments.
• Compliance monitoring and reporting.
• Integration into CI/CD pipelines for continuous security.
• Identifying and remediating security misconfigurations.