Security Scanning Overview
Amnify continuously scans your cloud environments for security misconfigurations, policy violations, and compliance gaps. Scans run across Azure, AWS, GCP, and Microsoft 365, producing actionable findings that your team can investigate, prioritize, and resolve.
How Scanning Works
When you trigger a scan — either manually or on a schedule — Amnify connects to your cloud provider using the credentials you configured in Integrations, inspects every resource in scope, and evaluates it against hundreds of security checks.
Each check evaluates a specific security best practice — for example, whether storage accounts enforce encryption, or whether IAM users have MFA enabled. A check either passes (the resource is correctly configured) or fails (a finding is created).
What You Get After a Scan
| View | What It Shows |
|---|---|
| Dashboard | Security score, trends over time, severity breakdown, and per-category health |
| Findings | Every failing check, filterable by severity, service, scope, and status |
| Compliance | How your environment maps against industry frameworks (CIS, PCI-DSS, SOC 2, etc.) |
| Scan History | A log of all past scans with their status and summary |
Severity Levels
Every finding is classified by severity:
| Severity | Meaning |
|---|---|
| Critical | Immediate risk — publicly exposed resources, missing encryption on sensitive data, or privilege escalation paths |
| High | Significant risk that should be addressed promptly |
| Medium | Best-practice violation with moderate risk |
| Low | Minor issue or hardening recommendation |
| Informational | No risk — included for visibility and audit completeness |
Security Score
Your Security Score is the percentage of checks that passed out of all checks evaluated. It appears on the Dashboard and includes a trend indicator comparing to your previous scan — so you can see at a glance whether your security posture is improving, declining, or stable.
Multi-Cloud Aggregation
If you have multiple cloud providers connected, the Dashboard aggregates results across all of them by default. You can filter by a specific provider using the cloud filter dropdown available on most pages.
Where to Go Next
- Dashboard — understand your security posture at a glance
- Findings — investigate and remediate individual issues
- Integrations — connect your cloud providers to start scanning
- Scan Scheduling — automate recurring scans