Aqua's CSPM hosted product provides many advantages over periodically running a script against your infrastructure.


Primarily, CSPM ensures that scans are run at a regular interval, without fail. This guarantees that you never forget to run your script or that new vulnerabilities aren't missed until the next time you remember to run it. 


Additionally, CSPM provides a historical analysis of every scan it performs, allowing you to track risk status over time and download previous scan reports. This is incredibly useful for compliance and auditing purposes. The scan reports themselves also offer a wealth of information that a command-line script does not provide. For example, CSPM reports provide helpful remediation steps, links to AWS documentation, search filters, and suppression features. 


CSPM also updates on a continuous basis, receiving new plugins, event signatures, and other checks to enhance your security as new cloud services are announced.


Finally, CSPM can be configured to send alerts to email addresses, SNS topics, or Slack channels whenever risks of pre-defined types are detected. This means you'll never miss a potential compromise or security weakness.