loader image

At the heart of our security and compliance monitoring system lies a powerful tool: Signatures. Essential to our proactive strategy, Signatures are meticulously crafted, rule-based checks. They work tirelessly, scanning your resources continuously to ascertain alignment with the most stringent security and compliance standards.

Introduction #

Definition #

Signatures are security checks on Cloudnosys that evaluate resource configurations against security benchmarks to identify risks.

Examples #

1. AWS: EC2-025

2. AZU: VM-005

3. GCP: IAM-001

Non-Examples #

Cloudnosys shows other non-signature risks as well, namely Malware & OS Vulnerabilities. But you may be wondering: why are security checks for these two NOT called ‘signatures’?

Because these security checks do not evaluate the configuration of resources – which goes against the definition of Signatures.

Relationship with Risks #

Signatures play a critical role in risk detection on Cloudnosys. Each time a signature identifies a configuration that does not meet the required security standards, it is flagged as a ‘failed’ signature, leading to the generation of a risk.

Conversely, a ‘passed’ signature indicates compliance and does not generate a risk.


  • Consider the signature AWS: EC2-025 that is titled “Ensure that existing EC2 instances have termination protection enabled”.
  • If Cloudnosys finds an EC2 instance without Termination Protection, the signature ‘fails’ for that instance, thereby generating a risk.
  • This risk is then cataloged and made accessible for review and action on the Risks page.

Signature Types #

Native #

Native Signatures are the signatures that are pre-built in Cloudnosys and are available for all users. All the signatures mentioned above so far are examples of native signatures.

Custom #

As the name implies, users can create their own signatures. For more information, go to this page: Custom Signatures.

Signatures Library #

Signatures are readily accessible within the Cloudnosys platform. To view them, navigate to the ‘Signatures Library’ tab, which is integrated into the Risks page.

For a more tailored experience, utilize the Search Bar and Filters to quickly pinpoint specific signatures that meet your criteria or are relevant to your resources.

Was this page helpful?