What is the Cloud scan?

Intro

Stoïk Protect's Cloud scan monitors and analyzes the part of the insured company's infrastructure located in the Cloud. It does not cover storage solutions such as OneDrive, SharePoint, or Google Drive, which you may already have.

This scan is updated daily, without any action required from you.

How does it work?

The Cloud scan uses two open-source tools: Scout Suite and CloudSploit, and is available for the leading cloud providers: Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). It allows you to analyze elements of your cloud configuration deemed critical from a cybersecurity perspective, including:

  • User access methods and rights: verify that user rights and authentication methods are properly hardened.

  • Password policy: audit the password policy and ensure it is not overly permissive.

  • Database exposure: validate that databases are not publicly exposed on the internet and analyze access rights.

  • Firewall rules: audit access rules to the cloud infrastructure.

  • Backup policy: verify that backups are performed regularly.

It is non-intrusive, since Stoïk Protect:

  • Only has read access to the cloud infrastructure configuration, enabling technical auditing.

  • Does not access data stored in the cloud, such as company data or emails, nor can it modify the infrastructure.
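The two properties above (configuration reads only, no access to stored data) can be checked from the customer side before a role is handed to any scanner. The following is an added example, not Stoïk Protect's code or its actual policy: it audits an AWS IAM policy document and flags every allowed action that is not a configuration read. The sample policy, the read prefixes and the data-read list are constructed assumptions.

```python
from fnmatch import fnmatchcase

# Assumption: action-name prefixes treated as configuration reads.
READ_PREFIXES = ("get", "list", "describe")
# Assumption: read actions that return stored data rather than configuration.
DATA_READS = ("s3:getobject", "dynamodb:getitem", "secretsmanager:getsecretvalue")

# Constructed sample policy, not the policy any vendor actually requests.
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["iam:Get*", "iam:List*", "ec2:Describe*"], "Resource": "*"},
    {"Effect": "Allow", "Action": "s3:GetObject", "Resource": "*"},
    {"Effect": "Allow", "Action": ["rds:ModifyDBInstance", "s3:*"], "Resource": "*"},
    {"Effect": "Deny", "Action": "iam:DeleteUser", "Resource": "*"},
]}


def classify(action):
    """Return 'config-read', 'data-read' or 'write' for one allowed action pattern."""
    pattern = action.lower()  # IAM action names are case-insensitive
    name = pattern.partition(":")[2]
    if not name.startswith(READ_PREFIXES):
        return "write"  # includes "*" and "service:*", which also match writes
    if any(fnmatchcase(data_action, pattern) for data_action in DATA_READS):
        return "data-read"  # the pattern can match a read of stored content
    return "config-read"


def audit(policy):
    """List (action, kind) for every allowed action that is not a configuration read."""
    statements = policy["Statement"]
    if isinstance(statements, dict):  # a single statement may appear without a list
        statements = [statements]
    findings = []
    for stmt in statements:
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only remove permissions
        if "NotAction" in stmt:
            findings.append(("NotAction", "write"))  # allows everything not listed
        actions = stmt.get("Action", [])
        for action in [actions] if isinstance(actions, str) else actions:
            kind = classify(action)
            if kind != "config-read":
                findings.append((action, kind))
    return findings


if __name__ == "__main__":
    for action, kind in audit(SAMPLE_POLICY):
        print(f"{kind:10} {action}")
```

An empty result means every allowed action matched a configuration-read prefix; anything listed deserves a question to the vendor before the role is created.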

Entra ID

The Cloud scan analyzes Active Directories located in the cloud (also known as Entra IDs). When only Office 365 via Entra ID is scanned, the analysis focuses on aspects related to your mailbox, such as detecting users who have not enabled two-factor authentication.
