@cloudqueryio profile picture
CloudQuery @cloudqueryio

A complete cloud asset inventory solution enabling smarter cloud audits, better cloud inventories, and more targeted security monitoring.

Joined February 2021
  • Tweets 1,130
  • Following 55
  • Followers 1,067
167 Photos and videos
Pinned Tweet
CloudQuery@cloudqueryio
5 Sep 2024
Sync data from any source to any destination with CloudQuery CLI. Simple, Fast, and Extensible Data Movement
1
1
549
Your S3 bucket just got flagged as publicly accessible. Is it actually a problem? Without knowing it also holds PII, hasn't been accessed in 47 days, and was provisioned by a contractor — you can't tell. That's what we built CQ Insights to fix 🧵
1
1
69
more replies
Not limited to built-in sources. Define custom checks with Policies and they surface in the same Insights view — correlated against your full asset inventory. SQL-powered, built on the data you've already synced. No extra agents.
1
31
Full writeup on why single-signal findings aren't enough: cloudquery.io/blog/introduci… Docs — supported integrations, filter options, custom Policies: cloudquery.io/docs/platform/…

Introducing CloudQuery Insights | CloudQuery Blog

CloudQuery Insights automatically surfaces connected signals across your cloud inventory: security findings, cost data, policy violations, and audit trails.

cloudquery.io
33
The CSPM market hit $1.64B in 2023, growing 45% YoY. Organizations keep buying more security tools. Misconfiguration rates stay flat. Something about this approach isn't working. Here's what we think is broken and how SQL fixes it. 🧵
1
64
more replies
Same query serves triple duty: investigation tool at 2am, compliance evidence for auditors, and automated policy check on a schedule. No translation between "what I wrote to investigate" and "what runs in production." Zero language gap.
1
26
We wrote out all five queries with full explanations, plus how to go from ad hoc investigation to automated CSPM in four weeks: cloudquery.io/blog/cloud-ope…

Cloud Security Posture Checks in SQL | CloudQuery Blog

Write cloud security checks in SQL instead of proprietary policy languages. See practical queries for public buckets, MFA, encryption, and more.

cloudquery.io
26
If your governance only runs when code ships, you're blind to most infrastructure changes that actually cause incidents. Deploy-time checks cover one pathway. Console changes, config drift, and cloud provider updates bypass your pipeline entirely. 🧵
1
1
45
more replies
Start with highest-risk policies on a schedule: public S3 buckets, open security groups, unencrypted storage, IAM without MFA. Low false-positive, high-risk checks where drift creates the most damage. Get these running first, then expand.
1
22
Full implementation guide with 20 production-ready SQL governance queries and the policy lifecycle walkthrough: cloudquery.io/blog/cloud-ope…

Beyond Deploy-Time: Continuous Cloud | CloudQuery Blog

Deploy-time policy checks miss console changes, configuration drift, and external changes. Continuous governance catches what CI/CD pipelines cannot.

cloudquery.io
15
Load more