Last updated: 2025-09-30
Purpose
This article describes how to set up a Cloud assessment.
Introduction
Cloud environments can introduce new risks and vulnerabilities that may not exist in traditional on-premises environments. This makes cloud assessments an important part of any Vulnerability Management program. The Cloud Assessment evaluates compliance against a policy in a Boolean way regarding an organization's use of cloud services.
A Cloud Assessment evaluates the customer's use of the cloud service provider, as well as assessing the configuration and security of the organization's own cloud environment. This can include evaluating the security of the network architecture, access controls, and data encryption.
The assessment considers the unique security challenges to be associated with different types of public cloud deployments, such as AWS, Google Cloud, and Azure. For example, a public cloud environment may require additional controls to protect against data breaches and unauthorized access, while a private cloud environment may require more focus on access controls and network segmentation.
The assessment identifies potential vulnerabilities and risks and is used to develop plans for remediation. This includes implementing additional security controls or practices, such as multi-factor authentication, network segmentation, or regular vulnerability scanning and testing.
In summary, a cloud assessment is a critical component of maintaining a secure cloud environment and should be conducted on a regular basis to ensure ongoing protection against emerging threats and vulnerabilities.
Setting up a Cloud Assessment Scan
-
Select which assessment to use, for this example Cloud assessment is chosen.
-
Select Credentials from the drop down menu. See Scan Credentials for more information on how to set up scan credentials.
Whenaws.access.key.allow.remote = falseand ARN credentials are selected, the scanner dropdown is hidden and the default scanner is selected as value. -
Select Policy from the drop down menu.
-
The Max Concurrent Scans field sets the maximum number of scans that can run at the same time. Set the value to 0 for no limit.
-
Select which Regions to scan. For further information about AWS regions, see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html.
If multiple regions are selected, each time the scan configuration runs, the number of scans queued/started will match the number of regions selected. -
Click on the blue Add button in the lower right corner to add the configuration.
Adding new configurations also populates the Assets. The assets are deducted from the submitted target information. If an asset already exists, the created configuration is linked to it. Else, it is created upon creation of the configuration and linked.
See Cloudsec Scan Configuration for more information.
Related Articles
- Windows 10/Windows 2019 Server
- General Information about SMB/WinRM Scanning
- Windows 8.1
- Scan Blueprint
- How to Test SMB Authentication
- Docker Image Assessment
- Windows 2016 Server
- How to Scan AWS ECR Images
- Scanning-Less Scanning
- Scan Scheduling Errors
- Network Host Assessment
- Core Installation
- Windows 2008 R2 Server
- Scanning Range
- SMB Authentication from OUTSCAN/HIAB