Security Knowledge Base
Cyscale Security Wiki
A practical security wiki built for engineering, AppSec, cloud, and compliance teams that work through finding triage, attack-path review, IAM risk, control evidence, and remediation workflows across SAST, DAST, SCA, secret scanning, IaC, container security, and CNAPP.
Platform Foundations
CNAPP
CNAPP combines cloud posture, vulnerability management, identity context, and compliance workflows into one operating model so teams can fix risk faster.
CSPM
CSPM continuously identifies cloud misconfigurations and policy violations across AWS, Azure, and Google Cloud to reduce breach exposure and audit risk.
Cloud Vulnerability Management
Cloud vulnerability management must connect software findings with runtime context so teams can prioritize exploitable and exposed issues first.
CIEM
CIEM helps teams understand excessive permissions, shadow access paths, and identity sprawl across multi-cloud estates.
DSPM
DSPM helps teams discover sensitive data, understand exposure paths, and improve governance across cloud storage and data platforms.
Attack Surface Management
Attack surface management is the ongoing work of finding, classifying, and reducing the assets and entry points attackers can target across cloud, SaaS, and hybrid environments.
Exposure Management
Exposure management is the practice of deciding which weaknesses are truly reachable, impactful, and worth fixing first based on context, not just severity scores.
ABVM
ABVM helps teams work the subset of vulnerabilities that are actually dangerous in their environment by combining scanner output with exposure, identity, and runtime context.
Agentless Cloud Scanning
Agentless cloud scanning uses cloud APIs, snapshots, and metadata to assess broad cloud environments without installing software on every workload.
Application Security and Code Scanning
SAST
SAST analyzes source code, bytecode, or compiled artifacts before deployment so teams can catch insecure coding patterns earlier in the delivery pipeline.
DAST
DAST evaluates running applications from the outside to identify exploitable behavior such as injection flaws, auth issues, and exposed attack surface.
SCA
SCA identifies vulnerable and risky open-source packages, transitive dependencies, license issues, and outdated components across modern software delivery pipelines.
Secret Scanning
Secret scanning detects exposed credentials, API keys, tokens, and certificates before they become an entry point into cloud or application environments.
IaC Scanning
IaC scanning reviews Terraform, CloudFormation, Kubernetes manifests, and similar files for insecure defaults before infrastructure reaches production.
Container Scanning
Container image scanning finds vulnerable packages, malware, secrets, and misconfigurations inside build artifacts before those workloads run in production.
API Security
API security testing validates authentication, authorization, schema handling, and business-logic resilience across modern service architectures.
License Risk and SBOM
SBOM and license analysis help teams understand what software components they ship and where legal, operational, or supply-chain exposure exists.
Dependency Malware
Modern dependency attacks use typosquatting, account takeover, and malicious package updates to compromise build pipelines and production systems.
End-of-Life Software
End-of-life software increases operational and security risk because unsupported components stop receiving patches, fixes, and ecosystem support.
Operational Programs
Kubernetes Security
Kubernetes security combines image scanning, RBAC review, network controls, workload hardening, and runtime context to reduce cluster risk.
Cloud Compliance
Cloud compliance programs work best when technical controls, evidence collection, and remediation ownership are continuous rather than audit-driven.
Multi-Cloud Security
Multi-cloud security requires consistent detection and remediation workflows across providers, not separate tooling islands by cloud.
Cloud Security for MSSPs
MSSPs need cloud security workflows that scale across customers while preserving clear tenant separation, ownership, and reporting quality.
Attack Path Analysis
Attack path analysis shows how separate issues combine into a route an attacker can actually use, helping teams break the highest-impact path instead of chasing isolated alerts.
CDR
Cloud detection and response helps teams detect, investigate, and contain cloud threats by correlating telemetry with asset, identity, and configuration context.
New Section
Controls, Standards and Frameworks, and Policies
Browse the Cyscale GRC catalog to inspect major control families, mapped standards and frameworks, and policy templates. Each entry shows connector coverage, covered asset types, and the underlying query logic used by Cyscale to generate control evidence.
Controls
Browse cloud, identity, Kubernetes, and application security controls with connector coverage and query logic.
519 entries
Standards and Frameworks
Explore mapped standards and frameworks that connect requirements to concrete controls and underlying queries.
22 entries
Policies
Policy templates and operating procedures that can be tied back to technical controls where available.
31 entries
Compare platforms and plan next steps
Use structured comparison pages to evaluate Cyscale against Wiz, Lacework, Zscaler, Orca, AWS native tools, Google Cloud native tools, and Microsoft Azure native tools.
