Skip to main content

Creating a Creating Cloud Workload Scan

Overview

DeepTraQ enables organizations to perform cloud workload vulnerability assessments across cloud environments such as AWS, Azure, and Google Cloud Platform. The platform provides real-time visibility into vulnerabilities, exposed services, and compliance risks across cloud infrastructure.

With automated resource discovery and flexible scan configuration, users can quickly create security scans tailored to their environment. DeepTraQ allows security teams to analyze cloud resources such as virtual machines, databases, and storage services without requiring manual asset entry.

This documentation explains how to configure and launch a cloud workload security scan using the DeepTraQ dashboard.

Supported Platforms

Cloud workload vulnerability scans can be performed on the following cloud environments:

  • Amazon Web Services (AWS)
  • Microsoft Azure
  • Google Cloud Platform (GCP)

DeepTraQ automatically discovers cloud assets such as:

  • Virtual Machines
  • Databases
  • Storage services
  • Network services

These assets are included in the vulnerability assessment during the scan.

Prerequisites

  • A cloud connector must be configured for the target cloud environment.
  • The connector must have appropriate permissions to access cloud resources.
  • Cloud resources must be accessible for discovery and scanning.

Scan Configuration

DeepTraQ allows users to configure scans with flexible parameters to match their security assessment requirements.

During scan configuration, users define:

  • Cloud provider environment
  • Connector or authentication credentials
  • Scan name and description
  • Tags for scan tracking and reporting
  • Scanner types and scan depth
  • Reporting and notification settings
  • AI-assisted analysis options

These parameters ensure that scans are properly identified and aligned with organizational security policies.

Resource Discovery

When a cloud connector is selected, DeepTraQ automatically retrieves cloud resources from the environment.

This includes resources such as:

  • Virtual machines
  • Databases
  • Storage accounts
  • Network services

Automated discovery removes the need for manual asset entry and ensures that the scan includes all relevant resources within the selected cloud environment.

Scanner Types

DeepTraQ supports different scanner types depending on the security analysis required.

For cloud workload assessments, commonly used scanner types include:

Port Scan

A port scan identifies open ports and exposed network services across cloud resources. This helps detect potential attack surfaces and misconfigured services.

Discovery Scan

A discovery scan identifies active assets and services within the cloud environment. This scan provides visibility into infrastructure components that may require further security analysis.

Multiple scanner types can be selected depending on the depth of analysis required.

AI Assistant Options

DeepTraQ provides optional AI-powered analysis features that help interpret scan results and generate summarized insights.

Users can enable the AI assistant during scan configuration and select the desired analysis type.

Example AI assistant options include:

  • Vulnerability summary
  • Security insights
  • Risk analysis summaries

These insights help security teams quickly understand scan findings and prioritize remediation activities.

Scheduling Options

Scans can be executed immediately or scheduled for a later time.

Scheduling options allow teams to automate regular security assessments without manual intervention.

Available execution modes include:

  • Run scan immediately
  • Schedule scan for a specific time
  • Configure recurring scans for continuous monitoring

Steps

  1. Navigate to Scans → Create Scan in the DeepTraQ dashboard.
  2. Select the cloud provider environment (AWS, Azure, or GCP).
  3. Choose an existing cloud connector or manually provide credentials.
  4. Allow DeepTraQ to automatically discover cloud resources.
  5. Enter the scan name, description, and relevant tags.
  6. Configure scan depth and coverage options.
  7. Select the required scanner types such as Port Scan or Discovery Scan.
  8. Configure reporting and notification settings.
  9. Enable the AI assistant if AI-powered insights are required.
  10. Choose whether to run the scan immediately or schedule it.
  11. Click Create Scan to deploy the scan.

Field Reference

FieldDescriptionExample
Cloud ProviderThe cloud environment selected for the scan.Azure
ConnectorAuthentication method used to access cloud resources.Azure Connector
Scan NameA unique name used to identify the scan.Azure Infrastructure Scan
DescriptionAdditional details about the purpose of the scan.Weekly vulnerability scan
TagsLabels used for organizing and tracking scans.production, security
Scanner TypeThe type of scanning engine used during the assessment.Port Scan
AI AssistantOptional AI-powered analysis of scan results.Vulnerability Summary
Execution ModeDefines whether the scan runs immediately or is scheduled.Run Now