loading
Loading content
loading
Also known as CSPM
Cloud security posture management (CSPM) watches cloud accounts for settings that drift away from a secure baseline. It pulls configuration state through provider APIs across services like compute, storage, networking, and identity, then evaluates each resource against policy rules. The checks catch a storage bucket left public, a security group open to the internet, logging turned off, or encryption missing on a database.
The need comes from how cloud changes happen. Anyone with access can create or alter resources in seconds, and a single setting can expose data with no exploit required. Manual review never keeps pace, so CSPM runs continuously and re-evaluates the account every time something changes.
CSPM overlaps with related work. It surfaces cloud misconfiguration broadly, while IAM misconfiguration tooling drills into permissions and trust policies specifically. It complements container security, which inspects images and runtime rather than account-level config. Posture scans also expose shadow IT, since they enumerate every resource in an account, including ones nobody documented.
In a Trickest workflow, you schedule posture checks across accounts, normalize the findings, and route high-severity exposures into the same triage and ticketing pipeline as your other security signals.
Related terms