How to Enable CSPM
Validated on 31 Mar 2026 • Last edited on 31 Mar 2026
Cloud Security Posture Management (CSPM) evaluates your DigitalOcean resources for misconfigurations and security risks, surfaces findings by severity, and provides guidance to help you resolve them.
To use Cloud Security Posture Management (CSPM), you need to enable the service from the Security section of the DigitalOcean Control Panel. CSPM is enabled at the team level, and you select a plan during setup.
Enable CSPM
-
In the Control Panel, click Security in the left navigation.
The Security page opens with the Cloud Security Posture Management (CSPM) tab selected.
-
Click Enable CSPM.
-
Choose a plan. The free plan evaluates standard resources. The basic plan adds workload evaluation (Droplets and managed databases), findings suppression, and Quick Fix.
-
Confirm your selection.
After enabling CSPM, you can run your first scan to evaluate your environment.
Enable Workload Coverage
If you selected a paid plan, you can enable coverage for individual workloads such as Droplets and managed databases. Only workloads with coverage enabled are evaluated during scans and counted toward billing.
To enable coverage, navigate to the CSPM page in the Control Panel and add the workloads you want CSPM to evaluate.
Next Steps
Now that CSPM is enabled for your team and you have chosen a plan, you can evaluate your resources and review what CSPM finds. Run a scan to refresh your posture, then open individual issues to understand severity and remediation options.
- Run a scan to evaluate your environment.
- Review findings and prioritize remediation.