According to the latest KPMG Cloud Monitor , 66% of companies in Germany now use cloud computing. But with the cloud comes greater complexity: Incorrect configurations can result in sensitive data being disclosed. SMEs in particular therefore frequently rely on compliance tools to support them in the secure and legally compliant use of cloud services. However, the fact that the providers of these services are often based abroad puts many companies off. With the Clouditor , the Fraunhofer Institute for Applied and Integrated Security AISEC has now developed an assurance tool from Germany that checks the secure configuration of cloud services and detects vulnerabilities.

The Community Edition of the Clouditor is now available for free on GitHub . “We want to make sure that even SMEs with few resources can leverage the advantages of the cloud,” says Dr. Philipp Stephanow, Senior Researcher and Project Leader. The tool is based on configuration catalogs that describe security best practices and can be customized. The Clouditor stands out from proprietary compliance services for its neutrality. It is developed on an open-source basis, which means the community can view the source code at any time.