CSPM Features
Validated on 31 Mar 2026 • Last edited on 31 Mar 2026
Cloud Security Posture Management (CSPM) evaluates your DigitalOcean resources for misconfigurations and security risks, surfaces findings by severity, and provides guidance to help you resolve them.
Cloud Security Posture Management (CSPM) provides visibility into your security posture and helps you identify, prioritize, and remediate risks across your DigitalOcean resources. CSPM is built into the DigitalOcean platform and does not require agents or additional infrastructure.
Resource Evaluation
CSPM evaluates your environment using two types of rules. Standard rules evaluate foundational infrastructure such as IAM, networking, and storage. Workload rules evaluate supported workloads, including Droplets and managed databases. This approach provides both broad visibility across your account and deeper, workload-specific insights.
CSPM evaluates resource configuration and does not modify your resources. When CSPM detects an issue, it generates a finding with severity, impact, and remediation guidance.
Common risks that CSPM identifies include:
- Public exposure of services or data
- Weak or missing access controls
- Insecure network configurations
- Missing safeguards such as backups or monitoring
- Configuration issues that increase operational risk
Scanning
CSPM uses scans to evaluate your resources and identify potential security risks. All scans are started manually. There are no scheduled or automated scans.
Standard resources can be scanned at any time. Workloads with coverage enabled can be scanned as frequently as your plan allows. Scans generate findings that reflect the current state of your environment.
Findings and Prioritization
CSPM surfaces issues as findings organized by severity (Critical, High, Medium, and Low). Each finding includes a description of the issue, its business impact, and recommended remediation steps. Findings help you understand what risks exist and what to fix first.
Guided Remediation
Each finding includes step-by-step guidance to help you resolve the issue. Remediation guidance is tailored to the affected resource and helps you take action directly within the DigitalOcean platform.
Findings Suppression
You can suppress findings that are not relevant to your environment to reduce noise and focus on issues that require action. Suppression is available in paid plans.
Security Advisor
Security Advisor provides a summarized view of your security posture and helps prioritize findings. The summarizer highlights key risks and organizes findings by severity. Quick Fix enables faster remediation for supported findings in paid plans. Security Advisor is integrated into the security experience and helps reduce time to resolution.
Notifications
CSPM provides email notifications to keep you informed about security issues and changes in your environment.
Integrations and Export
CSPM supports API access for programmatic interaction and CSV export for reporting and analysis. These capabilities allow you to integrate CSPM data into your existing workflows.