CSPM

Premium

Cloud Security Posture Management scans your cloud infrastructure for security misconfigurations. CodePhreak uses Prowler under the hood to provide comprehensive multi-cloud scanning.

Quick Start

# Basic AWS scan
$ codephreak cspm --provider aws

# With specific profile and regions
$ codephreak cspm --provider aws --profile production --regions us-east-1,us-west-2

# CIS compliance check
$ codephreak cspm --provider aws --compliance cis

# Output to SARIF format
$ codephreak cspm --provider aws --output report.sarif --format sarif

Supported Providers

AWS

Amazon Web Services

codephreak cspm --provider aws

Azure

Microsoft Azure

codephreak cspm --provider azure

GCP

Google Cloud Platform

codephreak cspm --provider gcp

Command Options

OptionDescriptionDefault
--providerCloud provider (aws, azure, gcp)aws
--profileAWS profile or Azure subscription IDdefault
--regionsComma-separated regions to scanall
--complianceCompliance framework (cis, soc2, pci, hipaa)-
--outputOutput file path-
--formatOutput format (json, sarif, csv)json

Compliance Frameworks

CIS Benchmarks

Center for Internet Security best practices

--compliance cis

SOC 2

Service Organization Control 2

--compliance soc2

PCI DSS

Payment Card Industry Data Security Standard

--compliance pci

HIPAA

Health Insurance Portability and Accountability Act

--compliance hipaa

Example Output

$ codephreak cspm --provider aws

๐Ÿ” Starting CSPM scan: AWS with prowler
   Profile: default
   Regions: all

โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”“
โ”ƒ     CSPM Scan Results (AWS)            โ”ƒ
โ”กโ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”ฉ
โ”‚ Total Checks  : 245                    โ”‚
โ”‚ Passed        : 198 (80.8%)            โ”‚
โ”‚ Failed        : 42                     โ”‚
โ”‚ Manual Review : 5                      โ”‚
โ”œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ค
โ”‚ Critical : 3    High : 12              โ”‚
โ”‚ Medium   : 18   Low  : 9               โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜

๐Ÿ”ด Critical Findings:
  โ€ข S3 bucket 'logs-bucket' has public access
  โ€ข IAM user 'admin' has no MFA enabled
  โ€ข RDS instance 'prod-db' is publicly accessible

๐Ÿ“Š Results synced to dashboard
   View at: https://codephreak.ai/dashboard

Prerequisites

AWS

  • โ€ข AWS CLI installed and configured (aws configure)
  • โ€ข IAM permissions: SecurityAudit policy or equivalent read-only access
  • โ€ข Prowler installed (pip install prowler)

Azure

  • โ€ข Azure CLI installed and logged in (az login)
  • โ€ข Reader role on target subscription

GCP

  • โ€ข gcloud CLI installed and authenticated
  • โ€ข Viewer role on target project

Dashboard Visualization

CSPM results are automatically synced to the web dashboard where you can:

  • View severity breakdown charts
  • Filter by service and region
  • Export findings to various formats
  • Track remediation progress over time
Try the Dashboard Demo