Skip to content
An open source, multi-cloud DevSecOps compliance checker by @janoszen
Branch: master
Clone or download
Latest commit 88e452c Jul 5, 2019

CScanner: A Cloud Security Scanner

Documentation GitHub Releases Code Quality GitHub Discord CircleCI GitHub last commit GitHub top language GitHub repo size GitHub issues GitHub pull requests GitHub stars Twitter Follow

Things to do

» Grab the latest release

» Read the documentation

A brief introduction

This utility is intended to check your cloud configuration for compliance with your companies rules in an automated fashion, not unlike AWS Config.

For example, if you want to make sure that your port 22 is never open to the world, across all your cloud providers, you could do something like this:

  # Configure your connections here
    protocol: "tcp"
      - 22

You would then get a report detailing all your security groups across all your cloud providers and if they are compliant or are violating the rules.


You can grab one of the releases from GitHub.


To run the cscanner, simply point it to your config file:

java -jar cscanner.jar your-config-file.yaml

Make sure you have at least Java 8 to run this application. Note that you can use the -h or --help option to get a full list of possible filtering and output options.

Full documentation

For a full documentation please see the cscanner website at

You can’t perform that action at this time.