Skip to main content
Skip table of contents

Cloud Security Posture Management

How Do I Sign Up?

Follow these steps to start monitoring your environment:

Step 1

Sign up for a free Armor demo.

Step 2

Log into Armor CSPM.

Step 3

Set up a Connector in the Armor Management Portal (AMP).

Step 4

Run a Report.

Product Overview

Armor Anywhere with cloud security posture management (CSPM) enables users to monitor the security posture of their public cloud infrastructure and helps them remain compliant against major mandates such as PCI, HIPAA and CIS Benchmarks. Users can quickly identify and get direction to remediate accidental risks through the Armor Management Portal.

CSPM currently supports the following three public cloud environments:

  • Amazon Web Services (AWS)

  • Microsoft Azure

  • Google Cloud Platform (GCP)


Ease of Use

Immediate setup with no workload interference

CSPM can be set up in minutes and does not require an Armor Anywhere agent. CSPM uses cloud connectors to establish connection into a user's public cloud account. Cloud connectors use APIs to aggregate data from user accounts without interfering with their public cloud service. It builds an inventory of the cloud account with detailed metadata and relationship mapping used for subsequent analysis.

Comprehensive workload visibility

Armor Anywhere with CSPM delivers a single-pane-of-glass view across all deployments from the Armor Management Portal. CSPM discovers and aggregates a user's assets and resources from one or multiple cloud providers.

Compliance Features

Mandate based assessments

Users can view the compliance posture of their environment against selected compliance mandate(s). Example report views include HIPAA and PCI.

Supported report generation of policies and mandates aligns with the supported cloud providers: Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).

  • Discover and apply mandates on resources to detect cloud misconfigurations

Remediation and Resources

Each report pulled contains both resources and remediation steps for each control group. Compliance status of the assessment can be viewed for each resource.

In depth Compliance documentation can be found here.


Pricing is on a per connector basis. You are billed for each connector that was active during the month. A connector is comprised of a provider and a unique account id. Users may add several different connectors for a single provider where they have multiple accounts, or multiple accounts for multiple providers or just a single connector for one provider. A single account may consist of something like:

  • AWS - 987987987

  • AWS - 876876876

  • GCP - 1234123455

  • Azure - 4548484848

Each month, the invoice is billed for each active connection.

Rerunning a report should be done using the Rerun Report option. Deleting a connector and adding it back should not be done to rerun a report. A connector should not be deleted unless it is no longer required. A connector that is reporting offline or pending for an extended period of time should follow troubleshooting documentation.

Click for common billing scenarios...

Example 1: A connector is added and is active indefinitely.

  • January 3rd a connector for AWS account 239483292 is created.

  • The connector will appear on each monthly invoice until it is deleted.

Example 2: A connector is added and deleted in the same month.

  • January 15th a new connector for GCP account Id 88338833 is added.

  • January 16th the connector is deleted.

  • The connector will appear on the January invoice.

Example 3: A connector is added, deleted and added again in the same month.

  • A connector for AWS with account id 7878787 is created on January 3rd.

  • The connector is deleted on January 17th.

  • The connector is then added back with the same provider and account Id on January 25th.

  • The January invoice will include one charge for the connector.

Example 4: A connector is added and is active for 3 months.

  • A connector for GCP with account id 839 is created on January 1st.

  • The connector is active through March 31st.

  • The connector will show up on the invoices one time for January, February and March.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.