Now available for AWS

Scan Your AWS
Infrastructure

See your actual waste and compliance risks. No agents. No modifications. EU-hosted.

5 minute setup
Find orphaned resources
Track SSL expiry
Start Free Today See How It Works
Read-only access
EU-hosted
GDPR compliant
Core Features

Everything you need to secure and optimize

Four powerful scanners working together to find waste, ensure compliance, and give you complete visibility.

Orphaned Resources

AI-powered detection of idle EBS volumes, unused EIPs, and forgotten snapshots draining your budget.

EBS volumes Elastic IPs Snapshots Cost estimates

SSL Certificates

Full coverage of ACM certificates and endpoint scans. Get alerts at 60, 30, 14, and 7 days before expiry.

ACM certificates Endpoint scanning Expiry alerts Multi-domain

Data Residency

EU-only compliance checks to flag resources deployed in US, Asia, or other non-EU regions.

GDPR compliance Region mapping Policy enforcement Audit reports

Cloud Inventory

Complete catalog of your AWS resources. EC2, RDS, S3, ALB, and more in one unified dashboard.

EC2 instances RDS databases S3 buckets Load balancers

How we compare

See why teams choose ScanOrbit over manual audits and native AWS tools.

Feature
ScanOrbit Recommended
AWS Cost Explorer Manual Audit
Setup time 5 minutes 30 minutes Weeks
Real-time alerts
Orphaned resources
SSL expiry tracking
Data residency checks
Varies
GDPR-safe (EU hosting)
Varies
Starting cost €0/mo Free (limited) €5k-50k
Simple Setup

Start scanning in under 5 minutes

No agents to install. No SSH access required. Just a simple IAM role with read-only permissions.

01

Connect AWS

Create a read-only IAM role in your AWS account. We provide the exact policy - no write permissions needed.

02

Automatic Scan

Our scanner analyzes all your resources across all enabled regions. Typically completes in 5-10 minutes.

03

Get Findings

Review prioritized findings with cost estimates, severity levels, and actionable recommendations.

iam-policy.json 
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": [
      "ec2:Describe*",
      "rds:Describe*",
      "s3:GetBucketLocation",
      "s3:GetBucketTagging",
      "s3:ListAllMyBuckets",
      "elasticloadbalancing:Describe*",
      "acm:Describe*",
      "acm:List*"
    ],
    "Resource": "*"
  }]
}

Read-only permissions only. Zero write access.

Scan Capabilities

Multi-region
Parallel processing
Zero impact
Complete inventory

Finding Details

Severity scoring
Cost impact
Remediation steps
Export reports
Start Free Scan

No credit card required

Built for Security from Day 1

We're an early-stage startup, but security isn't a nice-to-have for us—it's foundational. Here's what we do today:

Read-only IAM access only
EU-hosted data centers
Encrypted at rest & in transit (AES-256 + TLS 1.3)
Zero agents = no network access to your instances

SOC2 & ISO 27001 audits scheduled for late 2026.

Simple, Transparent Pricing

Start free. Upgrade anytime.

Feature
Free
€0
Pro
€19 /month
Team
€79 /month
AWS Accounts 1 1 5
Scanner Types Limited All All
Scan Frequency Limited Unlimited Unlimited
Data Retention 7 days 30 days 90 days
Email Alerts
API Access
Scan Priority
Support Community Email Priority Email
Custom Schedules
Team Features
Get Started Start Free Trial Start Free Trial

Frequently asked questions

Everything you need to know about ScanOrbit security and features.

What's included in the Free plan?

The Free plan includes 1 AWS account, limited scanner types, limited scan frequency, and 7-day data retention. It's perfect for trying out ScanOrbit and getting started with basic infrastructure monitoring.

What's the difference between Pro and Team?

Pro (€19/month) is for individual DevOps engineers - you get 1 AWS account, all scanner types, unlimited scans, 30-day retention, and email support. Team (€79/month) adds 5 AWS accounts, API access, scan priority, custom schedules, team collaboration features, and priority email support.

Is there a free trial for paid plans?

Yes! Both Pro and Team plans come with a free trial period. You can also use our Free plan indefinitely to evaluate the core functionality.

How do you prevent unauthorized access?

We use a read-only IAM role with zero write permissions. Our policy only includes Describe* and List* actions - we literally cannot modify, create, or delete any resources in your AWS account.

Is my data safe?

All data is encrypted at rest (AES-256) and in transit (TLS 1.3). We only store metadata about your resources - never the actual data inside them. Everything is hosted in EU data centers.

Do you modify any AWS resources?

Never. We only scan and report. Our IAM role has no write permissions. We can't start, stop, create, or delete anything. It's technically impossible for us to make changes.

How long does the initial scan take?

Typically 5-10 minutes depending on the size of your infrastructure. We scan all enabled regions in parallel for maximum speed. Subsequent scans are often faster as we optimize for changes.

What scanner types are available?

We offer orphaned resource detection (EBS volumes, Elastic IPs, snapshots), SSL certificate expiry tracking, data residency compliance checks, and complete cloud inventory. Free plan has limited access, while Pro and Team get all scanner types.

How long is data retained?

Free: 7 days. Pro: 30 days. Team: 90 days. You can request deletion at any time, and all data is permanently removed within 30 days per GDPR requirements.

Can I connect multiple AWS accounts?

Free and Pro plans support 1 AWS account. Team plan supports up to 5 AWS accounts with consolidated dashboards and cross-account reporting.

Can I cancel anytime?

Yes, you can cancel your subscription at any time. You'll continue to have access until the end of your billing period. No long-term contracts or cancellation fees.

Do you support other cloud providers?

Currently we support AWS only. Azure and GCP support is on our roadmap. Contact us if you're interested in multi-cloud support.

Still have questions?

Contact us directly