Start your free vulnerability scan.

The free scan is the on-ramp to the $499 audit — same deploy, same scan engine, same engineers. Free shows the picture in 5 minutes. The $499 unlocks the full inventory in one click. No credit card to start, no discovery call, no spam.

OWASP-Aligned Methodology CIS Benchmarks Mapping Letter Grade in Minutes

AWS

Free Cloud Audit for AWS

Scan your AWS account for misconfigurations, security gaps, and compliance issues.

Where we send your CloudFormation deploy link and scan results.

12-digit account number. Find it in the AWS Console (top-right account menu). We cross-check this against the account where you deploy the CloudFormation stack — catches the 'signed into the wrong account' case.

Your free scan delivers

Real findings. Not a teaser.

Free is the on-ramp to the $499 Full Audit Report — by design. Same automated scan runs at both tiers. Free returns a letter grade and top issues; the $499 unlocks all findings with evidence, CVSS scoring, and remediation guidance. One click from your free results page upgrades the report — no re-scoping, no re-deploying, no second form to fill.

Letter Grade

Single-letter grade (A through F) based on aggregate severity of findings across your surface.

Severity Counts

Critical · High · Medium · Low. Numerical breakdown across all findings. You see the scope before deciding whether to upgrade.

Top Issues

8–12 representative findings with brief description and category. Full details — evidence, all findings, remediation guidance, and CVSS scoring — are in the $499 Full Audit Report.

The free scan and the $499 report share the same automated audit pipeline. Difference is depth of presentation, not depth of audit. Buyers who need full evidence and compliance documentation upgrade in one click from the results page. Buyers who don’t, don’t — and the free deliverable stands on its own.

After your free scan

If you want depth, we have a path.

Free gives you the picture. The $499 Full Audit Report gives you the full inventory with evidence, severity scoring, CVSS, and remediation guidance. For manual depth on web apps, mobile, APIs, and authenticated business logic, our Pen Test tier starts at $3,499.

Free Scan

You are here

$0

Letter grade · Top issues · Severity counts

Full Audit Report

$499

All findings · CVSS scoring · Evidence + remediation · CIS v1.5 mapping

Buy Full Report from results page →

Activates from your free scan results page after delivery.

Pen Test

From $3,499

Manual testing by credentialed engineers · OWASP + business logic · Signed PDF report

See Pen Test details →

No pressure to upgrade — the free deliverable is complete on its own. The $499 path is one click from your results page when you need full findings, evidence, and compliance documentation. The Pen Test path is for buyers who need authenticated business-logic depth automation can’t reach.

Trust + privacy

What we do (and never do) with your scan.

What the free scan does

  • Scans your public web surface (DNS, TLS, headers, internet-exposed services, public exposures).
  • Or scans your AWS environment via your read-only role across 6 categories: IAM, Network, Data, Logging, FinOps, Architecture.
  • Aligns with OWASP Web Security Testing Guide and CIS Benchmarks.
  • Delivers a PDF + live results page available for 90 days.

What we never do

  • No authenticated probing — we don’t attempt logins.
  • No active exploitation — no payloads delivered.
  • No DDoS or load testing — no infrastructure stress.
  • No customer data review — we scan configuration, not records.
  • No sale or sharing of your scan results with third parties.
  • No marketing emails to your address beyond your scan delivery and one optional follow-up.

Your data, your control

Your scan results are yours. Your live results page never expires — we’ll flag it as stale after 90 days with a prompt to re-scan, but the data stays accessible. You can request deletion of your scan record at any time by emailing privacy@cloudupload.tech , processed via our automated GDPR endpoint. Full data handling: see our Privacy Policy.

Read our Privacy Policy →

Common questions

Quick answers.

Submit your domain in the form above and we’ll run a free automated vulnerability scan against your public web surface. The scan checks DNS configuration, TLS/SSL settings, security headers, subdomains, and internet-exposed services using OWASP-aligned methodology. You’ll receive a letter grade and the top issues we surface, delivered to your inbox in 2–5 minutes. No credit card, no discovery call, no signup required.

Yes — the form above is one. Cloud Upload’s free tier scans your public web surface or AWS environment with the same automated assessment used in our paid tier. The free tier returns a letter grade, severity counts, and 8–12 representative findings. The $499 Full Audit Report adds full findings with evidence, CVSS scoring, and remediation guidance. Both tiers use OWASP Web Security Testing Guide and CIS Benchmarks methodology.

Our Web Presence scan checks: DNS configuration, TLS/SSL certificates and protocols, HTTP security headers (X-Frame-Options, CSP, HSTS, etc.), subdomain enumeration, and publicly internet-exposed services. Our Cloud scan checks across 6 categories: IAM (identity and access), Network (security groups, NACLs), Data (storage encryption, backups), Logging (CloudTrail, audit trails), FinOps (cost-related security signals), and Architecture (overall configuration health). All findings are mapped to OWASP and CIS Benchmark frameworks.

Web Presence scans complete in 2–5 minutes. Cloud scans complete in 10–15 minutes from CloudFormation deploy. Both scans run automatically against your authorized surface — no manual review involved at the free tier. Results are emailed to you with a link to your live results page.

No. The Web Presence scan is passive external recon — we look at what’s already publicly visible (DNS, TLS, headers, internet-exposed services). The Cloud scan uses your read-only AWS role and only reads configuration metadata — no writes, no production traffic, no authenticated probing.

Only if you have authorization. Our Terms require that you have permission from the domain owner before submitting a Web Presence scan. For Cloud scans, the AWS account must be your own or you must have admin authorization to deploy the read-only role. Unauthorized scanning of third-party assets violates our Terms and may violate applicable laws.

No. We send your scan results, one optional follow-up if you don’t open the result email, and that’s it. We don’t share your email with third parties. We don’t add you to a marketing list without explicit opt-in. The unsubscribe link in every email works on one click. If something goes wrong, email hello@cloudupload.tech for a human response — typically within 1 business day.

Still have questions? Talk to the Team →