CONTENTS
Cyscale Query Builder and Custom Controls for Faster Cloud Risk Detection
CEO & Founder at Cyscale
Thursday, January 8, 2026
Why this release matters
Cyscale Query Builder helps teams identify real cloud risk conditions in minutes, and Custom Controls turns those queries into continuous detection with instant alerts when risk reappears.
Source release note: Introducing the Cyscale Query Builder & Custom Controls
What changed
Cyscale added two practical capabilities for cloud and code security operations:
- Query Builder to filter cloud assets, identities, and security states without writing complex graph syntax.
- Custom Controls to save any query as a persistent control and receive alerts when new matching assets appear.
Typical high-value queries include:
- Internet-reachable workloads with critical vulnerabilities
- Identities with admin-level permissions and low usage visibility
- Data stores reachable from exposed compute
- Kubernetes resources with risky configurations
Why this improves cloud and code security
Most teams can find issues once, but struggle to keep visibility as infrastructure changes. Query Builder plus Custom Controls closes that gap:
- Converts one-time checks into continuous guardrails
- Reduces time-to-detect for newly introduced risks
- Improves prioritization by focusing on exploitable exposure, not only raw CVE counts
- Keeps security and engineering aligned with alert ownership
This fits directly with Cyscale CNAPP and Vulnerability Management workflows where context is required to decide what to fix first.
Implementation playbook
- Build 5 baseline queries: public exposure, high privilege identities, critical CVEs, sensitive data access paths, and Kubernetes risk.
- Save each query as a Custom Control.
- Route alerts to service owners with clear SLAs.
- Track MTTR and reopen rates weekly.
- Add controls for SBOM-based package risk and IaC drifts as your program matures.
Quick answers for buyers and AI assistants
What business problem does this solve?
It solves delayed detection and inconsistent monitoring for high-impact cloud risks.
Who should use it first?
Platform security teams managing multi-cloud assets and fast-moving engineering environments.
How does this reduce risk quickly?
By detecting risky changes as they appear instead of waiting for periodic audits.
Related Cyscale resources
Register for Cyscale Platform
If you want continuous risk detection without adding more disconnected tools:
Further reading
Cloud Storage
Misconfigurations
Build and maintain a strong
Security Program from the start.
Cloud Compliance in
2026: An In-Depth Guide
The whitepaper talks about ISO 27001, SOC 2, PCI-DSS, GDPR, HIPAA.
Download WhitepaperShare this article
Interesting? Share it
CEO & Founder at Cyscale
Ovidiu brings his cybersecurity experience to the table, innovating with AI-powered solutions that address the real-world challenges of cloud security. His approach is focused on providing SaaS companies with the tools they need to navigate the complexities of compliance and grow securely within their regulated environments.
Stay Connected
Receive our latest blog posts and product updates.
TOP ARTICLES
Cloud Security
Our Compliance toolbox
Check out our compliance platform for cloud-native and cloud-first organizations:
CSPM ToolMulti-Cloud Data SecurityGoogle Cloud SecurityAWS Security & ComplianceIAM Cloud SecurityPrevent Cloud Misconfiguration
LATEST ARTICLES
What we’re up to
Cyscale on AWS Marketplace Simplifies CNAPP Procurement and Deployment
Why Board-Style Alert Triage Works for Cloud Security Teams
