Cloud Advisor

EN

Sign inGet a demo
back All news

Agentless SSH Key Discovery in Public Cloud Environments

June 24, 2026

Cloud Advisor now supports agentless discovery of private SSH keys stored in plaintext on virtual machines.

After compromising a virtual machine, attackers typically look for opportunities to perform lateral movement within the environment. This is commonly achieved using:

  • service identities (such as service accounts);
  • exposed secrets (tokens, passwords, etc.);
  • compromised private SSH keys.

The presence of any of these issues can allow an attacker to escalate a local incident into a large-scale compromise of the entire cloud environment.

Cloud Advisor already provides visibility into service accounts and includes secret discovery capabilities for virtual machines and containers, detecting API keys, IAM Cookies, IAM tokens, AK/SK credentials, and other sensitive data. With the addition of SSH key discovery, the platform now covers all three primary methods of lateral movement in public cloud environments.

Private SSH keys are automatically detected using the agentless DiskScan technology, which provides comprehensive coverage across dynamic cloud infrastructures. Discovered keys are displayed in the Secrets section and are also incorporated into Attack Path analysis.

No additional configuration or user actions are required. Scan results are already available in the Cloud Advisor web console.

Agentless SSH Key Discovery in Public Cloud Environments