Azure provides the tools for security.
CloudSploit helps you use them correctly.

Detect Risks in Every Azure Region

Many attackers who gain access to an Azure account embed themselves in unused regions to avoid detection. CloudSploit scans every public Azure region, even the ones you don't actively use.

  • Blob Service
  • File Service
  • Queue Service
  • Storage Accounts
  • Resource Groups
  • Table Service
  • + many more ...
Get Started

Generate Comprehensive Azure Security Reports

CloudSploit's security reports highlight security misconfigurations and potential threats in your Azure accounts, along with detailed remediation steps and links to official Azure documentation.

Get Started

How It Works

  • 1
    Create a secure Azure application user
    Create an Azure active directory application user to enable CloudSploit access to your account's APIs.
  • 2
    Give the role read-only permissions
    Azure's read-only policy gives CloudSploit the audit access it needs to evaluate security configuration.
  • 3
    Connect your application to CloudSploit
    It takes less than a minute to connect a new Azure account through the CloudSploit dashboard.
  • 4
    Begin scanning
    You can initiate on-demand scans immediately or enable continuous, background scanning.

Frequently Asked Questions

Our support team can answer any other questions that our help page can't.
What Azure services are supported?

Nearly all of Azure's services are supported, including File Service, Blob Storage, Queue Service, Table Service, Storage Accounts, Resource Groups, and more.

What kinds of configurations are checked?

CloudSploit looks for security-related configurations including network access, encryption, user permissions, access control, least-privilege, and hundreds more.

Can I write custom checks?

Yes. CloudSploit supports custom plugins, enabling you to create your own checks. All checks use the Azure API, so your options are nearly limitless.

Can I limit what Azure services are scanned?

Yes. You can suppress regions, tests, and resources, allowing you to customize the results in your reports.

How much do Azure account connections cost?

During the beta period, all Azure connections to CloudSploit are free. After the beta, standard pricing per-subscription will apply.

Is CloudSploit's connection to Azure secure?

Yes. CloudSploit uses a Azure application account with read-only access which provides secure access to your Azure resource metadata.

Ready to test your security?

Get Started Now