Connect a read-only role and get your security posture against CIS, AWS FSBP, PCI-DSS, HIPAA, SOC 2, ISO 27001 and NIST — 117 automated checks across 56 services, with audit-ready reports and drift over time.
CloudProof scans with read-only access — nothing is installed in your account and no data plane runs there.
Deploy a read-only IAM role with one CloudFormation template (or run our CLI for air-gapped accounts).
We evaluate 117 controls across your accounts and every region, mapped to the frameworks you care about.
Share an audit-ready report (HTML/PDF/CSV/SARIF), track drift over time, and hand evidence to your auditor.
Built for the platform/security engineer to adopt, and the CISO or compliance lead to sign off.
One technical check satisfies many controls — CIS 3.1 is also PCI 10.2.1 and NIST AU-2. Plus attestation for the policy/process controls scanners ignore.
Every finding comes with AWS CLI, Terraform, CDK and Pulumi fixes — with cost impact and a rollback path.
Timestamped, archivable reports. See what regressed, what got fixed, and your posture trend over time.
Audit a single account or an entire AWS Organization with cross-account role assumption.
Regulated or isolated? Run the same engine as a signed, offline-licensed binary on-prem — no SaaS access required.
Run in the EU with data residency that helps your own GDPR story.
Technical controls auto-checked; organizational controls captured via attestation with evidence links.
Priced per connected AWS account. Start free, upgrade when you need the frameworks and continuous monitoring CloudProof gives you.
Prices are introductory and may change. Billed annually saves ~2 months. Sold via AWS Marketplace — pay on your existing AWS bill.