Cloud Modules
The Cloud Modules page lets you scan for cloud security misconfigurations associated with your domain. As organizations increasingly use cloud storage and services, it's critical to ensure these resources aren't accidentally exposed to the public internet.

Accessing Cloud Modules
From the Domains page, click the Cloud button next to any domain. You can also navigate here from the domain's sub-navigation in the sidebar.
Available Modules
S3 Buckets
Scans for Amazon S3 storage buckets related to your domain that may have:
Public read or write access
Misconfigured bucket policies
Sensitive data exposure
Listing enabled (allowing anyone to see bucket contents)
Ryft generates permutations of your domain name and common naming patterns to discover S3 buckets that may belong to your organization.
GCP Storage Buckets
Similar to S3 scanning, this module discovers Google Cloud Platform storage buckets associated with your domain. It checks for:
Public access misconfigurations
Overly permissive IAM policies
Exposed sensitive data
Cloud Asset Inventory
A comprehensive discovery module that identifies cloud infrastructure, services, and resources across multiple cloud providers. This gives you visibility into your cloud footprint and helps identify shadow IT or forgotten resources.
Running a Cloud Module
View results
When complete, results appear in a table below the module card.
Each module runs as a child scan, visible on the Scans page.
Viewing Results
Each cloud finding shows:
Resource name — The bucket or resource identifier
Type — S3 bucket, GCP bucket, or cloud asset
Status — Whether the resource is publicly accessible
Severity — The risk level of the misconfiguration (see severity levels)
Details — Specific information about what was found
All cloud findings also appear on the Findings page and are visible on the ASM Map as cloud asset nodes.
Triage
Just like vulnerability findings, cloud results support triage states:
Not Triaged — Default state
Validated — Confirmed as a real misconfiguration
False Positive — Not actually an issue
Resolved — The misconfiguration has been fixed
You can use both AI triage and manual triage on cloud findings. For more on triage, see AI Features — AI Triage.
Last updated
