Showing results for 
Show  only  | Search instead for 
Did you mean: 
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Newcomer III

Cloud security and asset inventory



Please I have the following concerns:


1. Are there tools you would recommend for comprehensive cloud assets inventory?

2. Is there any recommended platform to run scans on cloud assets?

3. How do you perform secure configuration reviews in the cloud?

4. Is there a way to assess the security risk of AI integrations?

3 Replies
Community Champion



Question 1:   Try this for starters:


Do your own assessment


Question 2:  There are many many vendors:


ServiceNow can do this as well


Question three:  Manually using the SP800-R53 V5 or trust the Cloud Providers, SOC 1 and SOC 2 reports or run your own independent Cloud Security Protection Management system - there are many vendors.   Ask yourself how often you need to run the scans?  When changes occur?  Quarterly?  Bi-annually?


Question four:


Hope this assists your thinking?









Newcomer I



It's great that you're concerned about cloud security and asset inventory. Here are some recommendations and insights for your concerns:


1. Cloud Assets Inventory:

  • AWS: Use AWS Config.
  • Azure: Try Azure Resource Graph.
  • Google Cloud: Utilize Cloud Asset Inventory.

2. Scans on Cloud Assets:

  • AWS: AWS Inspector.
  • Azure: Azure Security Center.
  • Google Cloud: Security Command Center.

3. Secure Configuration Reviews:

  • Use Cloud Security Posture Management (CSPM) tools or Infrastructure as Code (IaC) with Terraform/AWS CloudFormation.

4. Security Risk of AI Integrations:

  • Conduct threat modeling.
  • Implement secure development practices.
  • Consider AI-specific security tools like IBM Watson OpenScale or Azure Machine Learning security features.
Newcomer I

These are two tools for cloud security and asset inventory Azure Policy and Azure environments.