CloudSploit was started in June 2015 as a way of bringing AWS security to the masses. AWS is continually announcing new products, and routinely releases hundreds of new features and configuration options each year. With the dizzying array of potential setups, the surface area for potential attacks has become enormous. While AWS provides an incredible amount of security options, and truly offers solid protection for its users, the onus is on the user to properly configure them. When they don't, attackers are quick to turn a simple misconfiguration into a massive usage bill (at best) or an all-out cyber attack on a company and its infrastructure.
CloudSploit aims to solve the problem of misconfigured AWS accounts. With its background scanning, CloudSploit is continually combing through hundreds of resources, settings, and activity logs to find potential issues. It then offers recommendations for fixing the findings and securing the account.
Based in New York City, CloudSploit is now producing over ten thousand scan results every day for users of AWS ranging from hobbyists to multi-national corporations.
From the beginning, CloudSploit's mission has been to improve cloud security for everyone, not just those who can afford expensive, highly-limited plans. At its core, the CloudSploit product is designed around our open source scanning engine (available on GitHub). We always have, and will always remain, an open source-first organization.