Agentless Scanning

Agentless scanning lets you inspect cloud workloads for risks and vulnerabilities without installing an agent or affecting the execution of your workloads. Prisma Cloud gives you the flexibility to choose between agentless and agent-based security using Defenders. Prisma Cloud supports agentless scanning of cloud workloads on AWS, Azure, GCP, and OCI for vulnerabilities and compliance.
Continue reading this page to learn about the agentless scanning modes, architecture, and results.
Follow the step-by-step instructions to configure agentless scanning and start scanning your AWS, Azure, GCP, and OCI accounts for vulnerabilities and configuration risks.

How Agentless Scanning Works

There are two ways you can set up agentless scanning with Prisma Cloud.
  • Scan all hosts of a cloud account within the same cloud account, or
  • Scan all hosts of a cloud account, called the target account, from another dedicated cloud account, called the hub account.

Agentless Scanning Modes

Same Account Mode

Scan the workloads and container images of a cloud account using the same cloud account. This mode spins up temporary scanning instances in the account.
  1. Prisma Cloud lists instances in each account and creates snapshots for each instance.
  2. Prisma Cloud starts spot instances, called scanners, within the same account, attaches snapshots, and performs the analysis.
  3. Scanners send results to the Prisma Cloud Console.
  4. Scanners and snapshots created by Prisma Cloud are deleted.
  5. Process repeats for periodic scans.

Hub Account Mode

Scan the workloads and container images of a cloud account (the target) using another cloud account (the hub). This mode spins up temporary scanning instances in the hub rather than in the target(s).
  1. Prisma Cloud only spins up scanners in the dedicated hub account and attaches snapshots of instances from other accounts to the scanners in the hub account.
  2. Scanners send results to the Prisma Cloud Console.
  3. Scanners then get deleted along with the snapshots that Prisma Cloud creates.
  4. Process repeats for periodic scans.
