Arclight
Instant cloud security auditing
for Google
Cloud Platform.
Arclight analyzes your infrastructure, detects security risks, and helps you understand what's actually running in your cloud — in minutes, not weeks.
Everything you need to audit
your Google
Cloud.
Arclight replaces weeks of manual review with an automated, continuously-updated security assessment.
Instant Infrastructure Scan
Connect your GCP project and get a full audit in minutes — not days. Arclight maps every resource, permission, and configuration automatically.
Risk Detection Engine
Automatically flags critical misconfigurations — public buckets, overpermissive IAM roles, missing encryption, open firewall rules, and 100+ more checks.
CIS Benchmark Mapping
Every finding is mapped to CIS Google Cloud Foundations Benchmark. See exactly where you stand and what's needed for compliance.
Resource Inventory
Get a complete, real-time map of everything running in your cloud — compute instances, storage buckets, databases, network configs, and IAM bindings.
Actionable Remediation
Every finding comes with clear, prioritized remediation steps — including Terraform snippets and gcloud commands you can apply immediately.
Executive Reports
Generate polished PDF reports with security scores, finding summaries, and risk trends. Perfect for board meetings, investors, and compliance auditors.
Every risk, explained
and actionable.
Arclight doesn't just list problems — it tells you exactly what's wrong, why it matters, and gives you the code to fix it. Each finding includes severity rating, affected resources, and remediation steps.
Severity-Ranked
Critical, High, Medium, Low — focus on what matters first
Resource Context
Exact project, region, and resource identifiers for every finding
Fix in Terminal
Copy-paste gcloud commands and Terraform snippets included
Track Progress
Mark findings as resolved and verify on the next scan
Up and running in 4 steps.
No complex setup. No agents to install. No infrastructure to manage.
Connect Your Project
Grant Arclight read-only access to your GCP project via a service account. Zero infrastructure to deploy — it's fully SaaS.
Automated Scan
Arclight scans your IAM policies, network configs, storage permissions, compute instances, and 100+ security controls.
Review Findings
Findings are prioritized by severity with clear context — what's wrong, why it matters, and exactly how to fix it.
Fix & Monitor
Apply remediation steps, track progress, and schedule recurring scans to prevent regression.
Arclight vs. Traditional Audits
Traditional audits are valuable but slow and expensive. Arclight fills the gaps between them.
Arclight is designed to complement — not replace — deep manual security audits. Use both for maximum coverage.
Built for teams who ship fast.
Pre-Fundraise Security Posture
Investors and enterprise customers will run due diligence on your infrastructure. Arclight gives you an audit-ready report in minutes, not the 3 weeks before your deadline.
Continuous Compliance Monitoring
Schedule daily or weekly scans to catch configuration drift before it becomes an audit finding. Stay CIS-compliant at all times, not just during review season.
New Team Member Onboarding
Give new engineers instant context on your cloud environment — what's running, what's secure, and what needs attention. Better than any documentation.
Post-Incident Review
After a security event, run a full scan to check for lateral exposure, rule out further compromise, and document your security posture for stakeholders.
Frequently Asked Questions
What GCP services does Arclight scan?
How is access granted?
Does Arclight store my cloud data?
Can I use Arclight alongside manual audits?
Is Arclight available for AWS?
See Your Cloud.
Clearly.
Arclight is currently in early access. Request your invite and get a full security audit of your Google Cloud environment — on us.
Free during early access · No credit card required · Read-only access