CloudQuery is joining env zero! We're moving from data to decisions.

Read the Announcement ❯

Read the Announcement ❯

Insights

Cloud intelligence that surfaces what matters.

Stop hunting through cloud consoles and CSPMs. CloudQuery monitors your entire asset inventory, automatically surfacing connected signals and uncovering hidden risk and waste.

Read the docs
https://cdn.cloudquery.io/website/fb6xp2j8g/_next/static/media/reddit.02z4qlr_23si_.webphttps://cdn.cloudquery.io/website/fb6xp2j8g/_next/static/media/mongodb.0qg5_h00fs-7m.svghttps://cdn.cloudquery.io/website/fb6xp2j8g/_next/static/media/hexagon.0t49gi4mxhc6j.svghttps://cdn.cloudquery.io/website/fb6xp2j8g/_next/static/media/tempus.17xwz5ivyosla.svghttps://cdn.cloudquery.io/website/fb6xp2j8g/_next/static/media/ridgeline.0jor28_0sc-i6.svghttps://cdn.cloudquery.io/website/fb6xp2j8g/_next/static/media/dunelm.03kd~u6-srf99.svghttps://cdn.cloudquery.io/website/fb6xp2j8g/_next/static/media/unicorne.0nom4z~safp4n.webphttps://cdn.cloudquery.io/website/fb6xp2j8g/_next/static/media/reddit.02z4qlr_23si_.webphttps://cdn.cloudquery.io/website/fb6xp2j8g/_next/static/media/mongodb.0qg5_h00fs-7m.svghttps://cdn.cloudquery.io/website/fb6xp2j8g/_next/static/media/hexagon.0t49gi4mxhc6j.svghttps://cdn.cloudquery.io/website/fb6xp2j8g/_next/static/media/tempus.17xwz5ivyosla.svghttps://cdn.cloudquery.io/website/fb6xp2j8g/_next/static/media/ridgeline.0jor28_0sc-i6.svghttps://cdn.cloudquery.io/website/fb6xp2j8g/_next/static/media/dunelm.03kd~u6-srf99.svghttps://cdn.cloudquery.io/website/fb6xp2j8g/_next/static/media/unicorne.0nom4z~safp4n.webp

Your cloud insights are stuck in silos

Wiz logo

Wiz

Security findings

AWS logo

AWS

Cost reports

GCP logo

GCP

Cloud console

Datadog logo

Datadog

Infrastructure alerts

Jira logo

Jira

Tickets & tracking

Snyk logo

Snyk

Vulnerability scans

Risk & Waste

Misconfigurations and excess cost are lurking in your cloud.

Engineering Toil

Teams waste hours stitching together context.

CloudQuery Insights

One view for what actually matters

Context-enriched Cloud Insights

  • Security findings
  • Cost anomalies
  • End-of-life warnings
  • Policy violations

All in a single, prioritized view.

Learn about Cloud Asset Inventory

Severity

All

Source

All

Resource Type

All

Account

All

Group by

Category

SEVERITY

FINDING

SOURCE

RESOURCE TYPE

RESOURCES

SEVERITY

FINDING

SOURCE

Critical

Public S3 bucket contains PII data

Wiz

aws_s3_buckets

3

Critical

Public S3 bucket contains PII data

Wiz

High

EC2 security group allows unrestricted ingress

AWS Security Hub

aws_ec2_security_groups

12

High

EC2 security group allows unrestricted ingress

AWS Security Hub

High

IAM user has not rotated access keys in 90+ days

Policies

aws_iam_users

7

High

IAM user has not rotated access keys in 90+ days

Policies

Critical

Repository has exposed secrets in commit history

GitHub

github_repositories

2

Critical

Repository has exposed secrets in commit history

GitHub

Automatic Correlation

Find connections that would take hours to uncover, reducing unseen risk and waste.

prod-api-server

i-0a1b2c3d4e

EC2 Instance

us-east-1

Correlated Insights

3 found
Critical

Wiz

Publicly exposed with critical vulnerabilities detected

High

AWS Security Hub

Security group allows unrestricted ingress on port 22

High

End of Life

Running deprecated AMI, end-of-life in 14 days

Rich Context

  • Owners
  • Cost and usage
  • IaC status
  • Related resources

Act immediately with the information you need.

Explore CloudQuery Policies

prod-api-server

i-0a1b2c3d4e

EC2 Instance

us-east-1

Ownership

Team

Platform Engineering

Owner

[email protected]

Business Unit

Infrastructure

Cost

Monthly (current)

$142.38

Instance type

m5.xlarge

Infrastructure as Code

Managed by

TF

Terraform

Module

aws_instance.prod_api

Related Resources

7

aws_ec2_security_groups

2

aws_ec2_ebs_volumes

3

aws_ec2_network_interfaces

1

aws_elbv2_load_balancers

1

See insights in action

Critical

Public S3 bucket with PII detected

S3 bucket is publicly accessible, contains PII detected by Wiz, and was created by a contractor account.

Wiz
Security

High

EC2 instance exposed with outdated AMI

EC2 instance has a security group open to 0.0.0.0/0 and is running an outdated AMI with known vulnerabilities.

AWS Security Hub
Security

Medium

Lambda runtime end-of-life in 30 days

Lambda function runtime reaches end-of-life in 30 days. Continued use poses security risks and may increase costs.

End of Life
Operations

High

SSL certificate expiring in 7 days

SSL certificate expires in 7 days. Affected resources may become unavailable or insecure without renewal.

End of Life
Security

Critical

K8s cluster EOL with public exposure

Kubernetes cluster is running an end-of-life version and has public-facing workloads with critical vulnerabilities.

Wiz + EOL
Security

Medium

Missing mandatory tags on production resources

Production resources are missing mandatory tags defined by organizational policy, blocking audit readiness.

Policies
Compliance

Critical

Public S3 bucket with PII detected

S3 bucket is publicly accessible, contains PII detected by Wiz, and was created by a contractor account.

Wiz
Security

High

EC2 instance exposed with outdated AMI

EC2 instance has a security group open to 0.0.0.0/0 and is running an outdated AMI with known vulnerabilities.

AWS Security Hub
Security

Medium

Lambda runtime end-of-life in 30 days

Lambda function runtime reaches end-of-life in 30 days. Continued use poses security risks and may increase costs.

End of Life
Operations

High

SSL certificate expiring in 7 days

SSL certificate expires in 7 days. Affected resources may become unavailable or insecure without renewal.

End of Life
Security

Critical

K8s cluster EOL with public exposure

Kubernetes cluster is running an end-of-life version and has public-facing workloads with critical vulnerabilities.

Wiz + EOL
Security

Medium

Missing mandatory tags on production resources

Production resources are missing mandatory tags defined by organizational policy, blocking audit readiness.

Policies
Compliance

Critical

Public S3 bucket with PII detected

S3 bucket is publicly accessible, contains PII detected by Wiz, and was created by a contractor account.

Wiz
Security

High

EC2 instance exposed with outdated AMI

EC2 instance has a security group open to 0.0.0.0/0 and is running an outdated AMI with known vulnerabilities.

AWS Security Hub
Security

Medium

Lambda runtime end-of-life in 30 days

Lambda function runtime reaches end-of-life in 30 days. Continued use poses security risks and may increase costs.

End of Life
Operations

High

SSL certificate expiring in 7 days

SSL certificate expires in 7 days. Affected resources may become unavailable or insecure without renewal.

End of Life
Security

Critical

K8s cluster EOL with public exposure

Kubernetes cluster is running an end-of-life version and has public-facing workloads with critical vulnerabilities.

Wiz + EOL
Security

Medium

Missing mandatory tags on production resources

Production resources are missing mandatory tags defined by organizational policy, blocking audit readiness.

Policies
Compliance

Find hidden risk and waste in your cloud

See how Insights surfaces the signals that matter across your entire cloud inventory.

CloudQuery Updates, In Your Inbox Weekly

Product

Resources

Legal

© 2026 CloudQuery, Inc. All rights reserved.