Cloud asset discovery for continuous attack surface coverage
Your cloud environment changes every day. New services spin up, configurations shift, and unintentional public exposures appear without warning. The Hexiosec ASM cloud connector complements ASM's outside-in discovery with an inside-out view of your cloud accounts, automatically identifying internet-facing resources and feeding them directly into your ASM scan.
Always know what’s exposed
The Hexiosec ASM cloud connector keeps your ASM scan in sync with your cloud reality. It automatically tracks internet-facing assets across Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure, adding new exposure points as they appear and retiring stale ones as they’re removed, so your attack surface stays complete, current, and clean.
View on GitHub
How the cloud connector works
Cloud asset visibility
- Read-only, least-privilege access with full audit logging.
- Continuous visibility into all cloud-hosted, internet-facing assets.
- Automatic detection of shadow IT and configuration drift.
Simple and automated
- Runs as a lightweight job in existing Terraform, Helm, or cloud scheduler workflows.
- One simple configuration file.
- Normalises and feeds assets into Hexiosec ASM.
Save time tracking cloud assets
- Minimal effort required to keep an inventory of public cloud assets.
- Improve governance and compliance with always-on discovery.
- Assets are continuously added and retired as your cloud changes.
Turn cloud complexity into clear, continuous visibility
The Hexiosec ASM cloud connector keeps your attack surface aligned with your cloud footprint, giving you confidence, clarity, and control over everything you expose to the internet.
