creating-scans | DeepTraQ

Creating a Cloud Security Misconfiguration Scan

Overview

This guide explains how to configure and launch a Cloud Security Misconfiguration (CSPM) scan in DeepTraQ. CSPM scans analyze your cloud infrastructure to detect configuration weaknesses, security risks, and compliance gaps across cloud resources.

DeepTraQ allows you to run comprehensive infrastructure scans, privileged user assessments, and workload exposure checks. The platform also uses AI to convert scan findings into actionable security insights and remediation recommendations.

Supported Platforms

DeepTraQ CSPM scans support the following cloud environments:

AWS
Azure
Google Cloud Platform (GCP)
Oracle Cloud Infrastructure (OCI)

Prerequisites

A cloud account integration must be configured in DeepTraQ
The target cloud environment must be accessible for scanning
Appropriate permissions must be granted for the selected cloud provider
Access to the Cloud Security Misconfigurations module

Steps

Navigate to the CSPM Module

Open the DeepTraQ platform.
Navigate to Cloud Security Misconfigurations.
Click New Scan to begin creating a CSPM scan.

This section lists all previously created scans and their current status.

Select the Cloud Provider

Choose the cloud provider you want to scan.
Supported providers include:
- AWS
- Azure
- GCP
- Oracle

For example, select AWS to scan an AWS cloud environment.

Select the Cloud Account

Click Select Cloud Account.
Choose the integrated cloud account you want to scan.

If the cloud provider is not integrated yet, refer to the cloud integration documentation before continuing.

Configure Scan Information

Provide basic information to identify the scan.

Enter a Scan Name.
Provide a Description explaining the purpose of the scan.
Select the environment you want to scan.

This helps organize scans and makes them easier to track later.

Choose the Scan Type

Click Next to select the scan type. DeepTraQ provides three scan options:

Comprehensive Cloud Environment Scan
Performs a full security assessment of your entire cloud infrastructure.
Privileged User Scan
Identifies risks related to highly privileged identities and access policies.
Workloads Exposure Scan
Detects exposed workloads and services that may be accessible from external networks.

For a full infrastructure assessment, select Comprehensive Cloud Environment Scan.

Configure Reporting Options

In the reporting configuration stage, DeepTraQ prepares scan outputs and AI-generated insights.

AI capabilities can transform raw findings into:

actionable remediation guidance
summarized security insights
prioritized findings for faster remediation

Configure Scan Options

Scan options allow you to customize how scan data is recorded and stored.

Recommended options include:

Save vulnerabilities with info-level findings for deeper visibility
Retain all scan artifacts for debugging and investigation

These options help during troubleshooting and allow deeper analysis of scan results.

Enable AI-Generated Reports (Optional)

You can enable AI-powered reporting to automatically generate:

summarized security insights
remediation guidance
prioritized vulnerability reports

If you prefer manual analysis, leave the AI option disabled.

Configure Scan Scheduling

DeepTraQ allows flexible scan scheduling for continuous cloud monitoring.

You can choose from the following options:

Run Immediately – Start the scan right away.
Schedule Later – Run the scan at a specific future time.
Periodic Scanning – Enable recurring scans for continuous monitoring.

Regular scans help detect configuration drift and new security risks.

Configure Scan Notifications

You can configure email notifications to receive scan summaries when the scan completes.

Enable Trigger Email When Scan Is Done.
Choose the notification recipients.

Notification options include:

Send notification to the currently logged-in user
Add additional email addresses and press Enter

These notifications provide quick visibility into scan outcomes.

Launch the Scan

After configuration is complete:

Click Launch Scan.
DeepTraQ begins scanning the cloud environment.

During the scan, DeepTrack AI analyzes the environment to identify security misconfigurations and generate reports.

View Created Scans

All configured scans appear in the Cloud Security Misconfigurations dashboard.

From this list you can:

view scan status
review completed scans
launch scans again when needed

Run an Existing Scan

To rerun a previously configured scan:

Locate the scan in the dashboard.
Click Run.

The scan will execute using the previously configured parameters.

Field Reference

Field	Description	Example
Cloud Provider	Selects the cloud platform to be scanned	AWS
Cloud Account	The integrated cloud account used for the scan	Production AWS Account
Scan Name	Unique name used to identify the scan	Weekly CSPM Audit
Description	Short explanation of the scan purpose	Security posture review
Environment	Defines which environment is being scanned	Production
Scan Type	Type of CSPM assessment performed	Comprehensive Cloud Environment Scan
Save Vulnerabilities with Info Levels	Stores informational-level findings for deeper analysis	Enabled
Retain Scan Artifacts	Saves all scan artifacts for troubleshooting	Enabled
Enable AI Reports	Enables automated AI-generated remediation insights	Enabled
Scheduling	Determines when the scan runs	Immediate
Email Notifications	Sends summary emails when scan completes	security-team@company.com

Creating a Cloud Security Misconfiguration Scan​

Overview​

Supported Platforms​

Prerequisites​

Steps​

Navigate to the CSPM Module​

Select the Cloud Provider​

Select the Cloud Account​

Configure Scan Information​

Choose the Scan Type​

Configure Reporting Options​

Configure Scan Options​

Enable AI-Generated Reports (Optional)​

Configure Scan Scheduling​

Configure Scan Notifications​

Launch the Scan​

View Created Scans​

Run an Existing Scan​

Field Reference​