Google Cloudsploit provides the tools for security.
CloudSploit helps you use them correctly.

Detect Risks Across Google Projects

CloudSploit securely connects to and monitors Google Cloud Platform projects for misconfigurations, insider threats, and malicious activity.

  • Service Permissions and Settings
  • User Access Controls and Project Policies
  • Infrastructure Configuration
  • + much more ...
Get Started

Generate Comprehensive GCP Security Reports

CloudSploit's security reports highlight security misconfigurations and potential threats in your GCP accounts, along with detailed remediation steps and links to official GCP documentation.

Get Started

How It Works

  • 1
    Create a GCP Service Account
    The CloudSploit service account enables access to your GCP project.
  • 2
    Give the account read-only permissions
    CloudSploit never requires write access to your account. Simply use the recommended GCP API read-only policies.
  • 3
    Connect the account to CloudSploit
    It only takes 1-2 minutes to connect your GCP account to CloudSploit and begin scanning.
  • 4
    Begin scanning
    You can initiate on-demand scans immediately or enable continuous, background scanning.

Frequently Asked Questions

Our support team can answer any other questions that our help page can't.
What GCP services are supported?

CloudSploit supports auditing many popular GCP services including: CLB, Compute, DNS, IAM, Kubernetes, Logging, SQL, Storage, VPC, and more.

What kinds of configurations are checked?

CloudSploit looks for security-related configurations including user access control, infrastructure settings, and much more.

Can I write custom checks?

Yes. CloudSploit supports custom plugins, enabling you to create your own checks. All checks use the GCP API, so your options are nearly limitless.

Can I limit what GCP services are scanned?

Yes. You can suppress any test or resource, allowing you to customize the results in your reports.

How much do GCP account connections cost?

GCP connections to CloudSploit are charged per-project on a monthly or annual basis.

Is CloudSploit's connection to GCP secure?

Yes. CloudSploit uses a GCP service account with read-only access which provides secure access to your GCP resource metadata.

Ready to test your security?

Get Started Now