Major release: Cloud Scanning (CSPM) available for all customers

What is Cloud Scanning?

Cloud Scanning automates the identification of risks across cloud infrastructures, including Infrastructure as a Service (IaaS), Software as a Service (Saas), and Platform as a Service (PaaS). Cloud Scanning from Holm Security combines Cloud Security Posture Management (CSPM) and Next-gen Vulnerability Management into one helping you reduce the risk of public cloud data or compliance breaches.

An integrated part of our platform

We are happy to announce the release of Cloud Scanning as an integrated part of our Next-gen Vulnerability Management Platform – available for all customers.

Cloud Scanning operates directly against the API which the cloud vendors are exposing, allowing us to provide complete coverage across cloud services – both cloud native (such as AWS DynamoDB) as well as infrastructure-based services (such as AWS EC2).

In this release, we provide coverage for the most used services in AWS, and we already now plan to extend coverage to Microsoft Azure near time.

Contact us for early access

The initial release of Cloud Scanning will be for a set of early adopters and if you would like to be part of this early release please contact our Support Team or Customer Success Team.

We are looking forward to you taking part in this early release and are looking forward to receiving your feedback on our brand new product, Cloud Scanning.

Included for all existing customers - without any extra charge

While others provide Cloud Scanning as a separate product and charge for the product, we will provide Cloud Scanningto all customers free of charge. Notice that you might need additional licenses to cover all of your assets (IPs, cloud resources etc.).

How to set up scanning of your AWS account?

Global coverage & authentication

Global coverage is achieved by scanning your cloud assetsacross all available regions, making it easy to get an overview of how your security exposure is aligned across different regions. You can simply control what you want to cover by setting up your own IAM-enabled account, where Cloud Scanningwill use the API access keys to authenticate (which are stored encrypted on our side). Making you fully in control of what permissions are allowed to evaluate the cloud account.

How we are protecting your credentials?
Where do I find my access key ID and secret access key?
What permissions are required to scan my AWS environment?

Policies & cloud support

Our Security Research team has come up with a set of quality-assured policies which are built into Cloud Scanning. These policies are continuously maintained and built out to increase coverage across more cloud services and providers. 

The initial release of Cloud Scanning supports the top 10 most used cloud services within AWS (Amazon Web Services), which results in over 200 different policies that we use to identify security risks.

What cloud services and providers are covered?

Getting started

You can easily begin using Cloud Scanning by visiting Scan Cloud within Security Center. From here you can configure a profile with the authentication, set up a scan schedule, and have a continuous scanning set up within minutes.

What is the recommended scan schedule for Cloud Scanning?

Gradually integrated with unified views

Cloud Scanning will be gradually integrated into asset and vulnerability views as we release unified views and risk scores.


We are planning to have support for Microsoft Azure ready soon, with several more features aligned within Security Center such as a Cloud Scanning summary report. 

Have more questions? Submit a request


Please sign in to leave a comment.