See your AWS security risks in one free scan

Connect your AWS account with read-only access, run a security scan, and get a clear view of critical risks, failing checks, and compliance posture — without enterprise-tool complexity.

How CloudWizard Works

CloudWizard is designed for lean AWS teams that want fast, practical security visibility without hiring a full security team or wrestling with heavyweight enterprise tooling.

Security Snapshot

Free Version

See your overall AWS security health at a glance. CloudWizard’s free Security Snapshot pulls together your pass rate, total open fails, and a breakdown by severity, service, and region so you can immediately see where you’re exposed. Use it to answer, in one screen, “How bad is it, and where do we start?”

Turn Findings Into Answers

Turn raw AWS findings into a clean snapshot you can share with your team. Export high‑level results or walk stakeholders through the charts without opening the AWS console.

Critical Risks

Free Version

CloudWizard highlights the risks that actually matter. The Critical Risks view groups failing checks into a single card and surfaces issues like public S3 buckets, over‑permissive IAM policies, and exposed Lambda secrets. Instead of combing through hundreds of findings, you get a focused list of misconfigurations that could lead directly to a breach.

Prioritise Critical Fixes Faster

Use the critical risk summary to brief founders, CTOs, or customers in minutes. Each card explains the impact in plain language so non‑security specialists can understand why it needs fixing.

Compliance Snapshot

Free Version

Quickly see how your AWS environment lines up against key security frameworks. The free Compliance Snapshot shows pass rates and failing controls across baselines like AWS account onboarding and foundational security best practices. It’s an easy way to gauge how much work sits between today and a formal audit or customer security review.

Prepare Compliance Evidence Sooner

Turn your compliance view into a starting point for SOC 2 or ISO prep. Share the snapshot with auditors or customers to demonstrate that you’re actively measuring your AWS posture, even before you upgrade to Pro.

Start free, upgrade when ready

Simple pricing for lean AWS teams

Start with a free AWS scan, then upgrade to Pro when you need deeper security and compliance visibility.

Monthly Pro and Annual Pro require a free CloudWizard account first.
Free

Security Scan

$0 to start

A fast baseline for founders and small AWS teams.

  • Run a free AWS security scan
  • See a high-level posture snapshot
  • Review key risks and failing checks
  • Create your CloudWizard account
Pro Annual

Best Value

$39.95 / month billed annually

Lower annual cost for teams using CloudWizard continuously.

  • Everything in Pro Monthly
  • Save 20% with annual billing
  • Lower predictable yearly cost
  • Best for recurring audits and customer reviews

Testimonials

CloudWizard helps CTOs and DevOps teams gain continuous AWS security visibility — without enterprise overhead.

“CloudWizard gave us instant visibility into AWS posture without adding another complex toolchain. We found issues we didn’t know we had, and audit prep became substantially easier.”

Alex L. — DevOps Lead

“Setup was fast. The dashboard is clear, the findings are actionable, and the pricing makes sense for a growing team. It’s visibility without the enterprise tax.”

Sam R. — CTO

Frequently Asked Questions

Quick answers about the free AWS security scan, CloudWizard Pro, pricing, and how we securely connect to your AWS account.

What do I get with the free AWS security scan?
The free scan runs once against your AWS account using a read-only role and gives you a security snapshot, critical risks view, and a basic compliance snapshot. You’ll see your overall pass rate, failing checks by severity, and examples of high-impact misconfigurations before deciding whether you need Pro.
How long does setup take?
Setup typically takes around 20-60 minutes depending on the size of your AWS infrastructure. You deploy a CloudFormation stack that creates a secure, read-only cross-account IAM role in your AWS account. Once that’s in place, CloudWizard assumes that role with short-lived STS credentials and starts analysing your configuration automatically.
Do I need a dedicated security team to use CloudWizard?
No. CloudWizard is built for startups and lean AWS teams without full-time security staff. Findings are prioritised and written in plain English so CTOs, founders, DevOps, and engineers can act without a big security department.
How do you access my AWS account? Is it safe?
CloudWizard connects via a secure, read-only cross-account IAM role that you deploy in your AWS account.
  • The role trusts only the CloudWizard AWS account and can require a unique external ID.
  • Permissions are limited to read-only actions such as Describe, List, and Get for security posture inspection.
  • Access is performed using short-lived STS credentials rather than long-lived static keys.
  • You stay in control and can revoke access at any time by removing the role from your AWS account.
For a more detailed explanation, see our Security Access Architecture.
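A customer-side check of the role properties listed above, as an added example that is not CloudWizard's own code: it audits a role's trust and permission policy documents for the trusted account, the external ID condition, and read-only actions, and also flags read-style actions that return data or secret values. The account ID and external ID are placeholders and the policy documents are constructed samples.

```python
from fnmatch import fnmatchcase

EXPECTED_ACCOUNT = "111122223333"  # placeholder, not CloudWizard's real account ID
READ_PREFIXES = ("describe", "list", "get")
# Read-style actions that return payloads or secret values rather than configuration.
DATA_ACTIONS = ("s3:getobject", "secretsmanager:getsecretvalue", "ssm:getparameter")

def as_list(value):
    """IAM accepts a bare string wherever it accepts a list."""
    return value if isinstance(value, list) else [value]

def audit_role(trust, permissions, account=EXPECTED_ACCOUNT):
    """Return findings for a role; an empty list means it matches the stated design."""
    findings = []
    for stmt in as_list(trust["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        arns = ["*"] if principal == "*" else as_list(principal.get("AWS", []))
        if isinstance(principal, dict) and set(principal) - {"AWS"}:
            findings.append("trust: principal type other than an AWS account")
        for arn in arns:
            owner = arn.split(":")[4] if arn.startswith("arn:") else arn
            if owner != account:
                findings.append(f"trust: unexpected principal {arn}")
        conditions = stmt.get("Condition", {}).get("StringEquals", {})
        if "sts:ExternalId" not in conditions:
            findings.append("trust: no sts:ExternalId condition")
    for stmt in as_list(permissions["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:
            findings.append("permissions: NotAction grants everything not listed")
        for action in as_list(stmt.get("Action", [])):
            pattern = action.lower()
            if not pattern.split(":")[-1].startswith(READ_PREFIXES):
                findings.append(f"permissions: not read-only: {action}")
            elif any(fnmatchcase(data, pattern) for data in DATA_ACTIONS):
                findings.append(f"permissions: can read data or secrets: {action}")
    return findings

# Constructed sample policies (not taken from any real stack).
GOOD_TRUST = {"Statement": [{"Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
    "Condition": {"StringEquals": {"sts:ExternalId": "example-external-id"}}}]}
GOOD_PERMS = {"Statement": [{"Effect": "Allow", "Resource": "*",
    "Action": ["ec2:Describe*", "iam:ListRoles", "s3:GetBucketPolicy"]}]}
BAD_TRUST = {"Statement": [{"Effect": "Allow", "Principal": {"AWS": "*"}}]}
BAD_PERMS = {"Statement": [{"Effect": "Allow", "Action": ["s3:Get*", "iam:PassRole"]}]}
```

Feed it the `AssumeRolePolicyDocument` and attached policy documents exported from your own account; `audit_role(BAD_TRUST, BAD_PERMS)` returns four findings for the constructed weak role.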
Do you read my application data, S3 object contents, or secrets?
No. CloudWizard is designed to inspect configuration metadata, not application payloads. We do not read database contents, S3 object contents, application code, or secret values. The scan focuses on security-relevant configuration such as IAM policies, public exposure, encryption settings, logging posture, and compliance-related control checks.
Does CloudWizard replace AWS Security Hub or GuardDuty?
No. CloudWizard complements AWS native services rather than replacing them. Many teams continue using Security Hub and GuardDuty as signal sources, while CloudWizard focuses on consolidated visibility, prioritisation, and reporting that’s easier for lean teams to act on.
How does pricing work?
You can always start with a free AWS security scan at $0. When you’re ready for deeper visibility, CloudWizard Pro is available as a subscription:
  • Monthly Pro: $49.95/month
  • Annual Pro: $39.95/month billed annually (save 20%)
Both Pro plans include the full security dashboard and compliance dashboard.
What’s the difference between Monthly Pro and Annual Pro?
Both plans include the same Pro features. Monthly Pro gives you flexibility with month-to-month billing. Annual Pro lowers the effective monthly cost by 20% and is better for teams planning to use CloudWizard as part of their ongoing security and compliance workflow.
Can I stay on the free scan only?
Yes. You can run the free scan, review the snapshot, and stop there if that’s all you need. Pro is only required if you want deeper dashboards, richer findings detail, compliance visibility, and ongoing posture management beyond the initial scan.
How do billing and cancellation work for Pro?
Pro subscriptions are handled securely through Stripe. Monthly plans renew each month and can be cancelled at any time; you keep access until the end of the current billing period. Annual plans are billed once per year and renew annually. You can manage or cancel your subscription from the billing portal inside CloudWizard.
How long do you retain scan data, and can we request deletion?
Scan results are retained only for as long as needed to provide dashboards, reporting, and historical comparisons for your account. If you cancel Pro or want your data removed sooner, you can request deletion and we will remove associated scan data from our environment, subject to any legal or compliance obligations. You can also revoke the cross-account IAM role at any time so CloudWizard can no longer access your AWS account.
Can CloudWizard help with SOC 2, ISO 27001, or customer security reviews?
Yes. CloudWizard helps you identify security gaps, understand compliance posture, and prepare for audits or customer questionnaires with clearer visibility into your AWS environment. It doesn’t replace an auditor, but it gives you a far better starting point for SOC 2, ISO 27001, enterprise questionnaires, and ongoing security reviews.