Cloud-native application protection · sovereign Europe
The sovereign European CNAPP.
Skans finds what is exposed across your European cloud, shows how it chains into a real attack path, and gives you the exact fix — with the evidence to prove it against ISO 27001, NIS2 and DORA.
- Read-only
- Agentless
- Built in Europe
- Data stays in the EU


Runs on European clouds
- ScalewayAvailable
- OVHcloudAvailable
- STACKITAvailable
- HetznerAvailable
- OutscaleComing soon
The platform
One CNAPP, one connection, one view.
Skans connects once, read-only, and turns a sprawling cloud account into a single picture of risk — from misconfigurations to the attack paths they open to the evidence that proves you fixed them. Eight modules are live today; the rest run on the same engine.
Posture
CSPMContinuous configuration checks across compute, network, storage, databases and identities.
AvailableAttack paths
How internet exposure chains through your network to reach the assets that matter.
AvailableInventory & graph
Every asset you run and how it connects, so a finding points at a real resource — by name.
AvailableCompliance
ISO 27001, NIS2 and DORA, scored control by control, with a dated evidence pack you can export.
AvailableIdentities
CIEMWho can do what, where access is excessive, and which keys to rein in.
AvailableDomains
DNSPublic DNS posture — DNSSEC, SPF, DKIM, DMARC and CAA, and the records that put your mail and domains at risk.
AvailableCosts
FinOpsCloud spend by provider and service, with anomaly signals that surface shadow AI and runaway resources.
AvailableAI
AI-SPMYour AI estate — exposed endpoints, model sovereignty and the shadow-AI cost signals that reveal it.
Available
- WorkloadsCWPPPlanned
- DataDSPMPlanned
See it work
Find it, fix it, prove it.
Attack paths
From the internet to your database, hop by hop.
Skans correlates exposure across your inventory into reachable attack paths, and lists the findings that open each one.


Remediation
Fixes you can paste, not advice.
Most findings ship with copyable CLI or Terraform commands adapted to their cloud provider; the rest give precise guided steps — all mapped to the ISO 27001, NIS2 and DORA controls they affect.
Compliance
Evidence your auditor can open.
Track ISO 27001, NIS2 and DORA control by control, see exactly what passes and what fails, and export a dated evidence pack as PDF or CSV.


How it works
Three steps to a posture you can trust.
- 01
Connect
Add a read-only API key. Skans never needs write access to your cloud.
- 02
Scan
Skans inventories what you run and checks it, on demand or on a schedule.
- Compute
- Network
- Storage
- IAM
- 03
Resolve
Findings ranked by severity, each with a step-by-step fix in English or French.
- Critical
- High
- Medium
Compliance & sovereignty
Prove your posture — and keep it in Europe.
Skans maps your findings to ISO 27001, NIS2 and DORA and exports the evidence to back it up. All of it runs in Europe, on European clouds — your inventory and findings never leave the EU.
- ISO 27001
- NIS2
- DORA
Start with a free diagnostic.
Connect a read-only credential and see your posture in minutes. No card, no agents.
Free tier — no card required. · See pricing