CSPM Coverage
Supported Cloud Services & Resource Checks
DeepTraq Cloud Security Posture Management (CSPM) continuously analyzes misconfigurations, security risks, and compliance gaps across supported cloud services. Each service includes a defined set of security checks aligned with best practices.
Amazon Web Services (AWS)
DeepTraq provides broad coverage across core AWS services:
| Service | Checks | Service | Checks |
|---|---|---|---|
| EC2 | 70 | IAM | 43 |
| RDS | 34 | CloudWatch | 22 |
| S3 | 21 | Cognito | 12 |
| CloudTrail | 11 | CloudFront | 13 |
| OpenSearch | 12 | Glue | 12 |
| VPC | 11 | SageMaker | 11 |
| ELBv2 | 11 | ECS | 11 |
| Redshift | 10 | Neptune | 10 |
| GuardDuty | 9 | DynamoDB | 9 |
| Lambda | 9 | API Gateway | 8 |
| WAF / WAFv2 | 10 | Network Firewall | 7 |
| EKS | 7 | ECR | 6 |
| KMS | 5 | Route53 | 4 |
| Secrets Manager | 4 | EventBridge | 4 |
| CloudFormation | 3 | Athena | 3 |
| Config | 2 | SecurityHub | 1 |
+ 50+ additional AWS services including Autoscaling, Kafka, ElastiCache, Backup, SNS, SQS, Macie, Inspector2, Step Functions, and more.
Microsoft Azure
Coverage across identity, compute, storage, and monitoring services:
| Service | Checks | Service | Checks |
|---|---|---|---|
| Defender | 25 | App Services | 19 |
| Storage | 18 | Entra ID (IAM) | 15 |
| Monitor | 15 | SQL Server | 12 |
| Virtual Machines | 12 | Key Vault | 10 |
| Network | 9 | PostgreSQL | 8 |
| MySQL | 4 | AKS | 4 |
| Cosmos DB | 3 | Container Registry | 3 |
| IAM | 3 | Databricks | 2 |
+ Additional services including Policy, App Insights, AI Search, and API Management.
Google Cloud Platform (GCP)
Security checks across compute, storage, and identity:
| Service | Checks | Service | Checks |
|---|---|---|---|
| Compute Engine | 30 | Cloud SQL | 22 |
| IAM | 12 | Logging | 10 |
| Cloud Storage | 10 | DNS | 3 |
| BigQuery | 3 | API Keys | 3 |
| KMS | 2 | GKE | 1 |
+ Additional services including Container Registry, Dataproc, and Artifact Registry.
Oracle Cloud Infrastructure (OCI)
Focused coverage for core infrastructure and identity services:
| Service | Checks | Service | Checks |
|---|---|---|---|
| Identity | 16 | Events | 13 |
| Network | 6 | Object Storage | 4 |
| Compute | 3 | Block Storage | 2 |
| Analytics | 1 | Audit | 1 |
| Cloud Guard | 1 | Database | 1 |
+ Additional services including File Storage, Integration, and KMS.
Notes
- Checks include misconfiguration detection, security best practices, and risk identification
- Coverage is continuously expanding with new services and rules
- Advanced checks include identity exposure, public access risks, encryption gaps, and logging misconfigurations