What are Scans?

What Are Scans?

A scan is an automated check that the OneClickComply platform runs against a connected integration to identify security issues, misconfigurations, and vulnerabilities. Scans are the mechanism through which the platform discovers Detections, the security findings that are central to maintaining your compliance and security posture.

How Scans Work

When an integration such as Google Workspace, Microsoft 365, or AWS is connected to the platform, that connection becomes available as a target for scanning. A scan runs against a single connection and evaluates it using a series of individual checks known as Tests.

Each Test examines one specific aspect of the connected environment - for example, "Is multi-factor authentication enforced for all admin accounts?" or "Are admin accounts separated from daily use?" Every Test within a scan returns one of four results:

ResultMeaning

Pass

The check met the expected security standard. No action is required.

Fail

The check did not meet the expected standard. A Detection is automatically created.

Error

The check could not be completed, typically due to a permissions or connectivity issue.

Skipped

The check was not applicable or could not run in the current context.

When a Test fails, the platform automatically creates a Detection - a record of the specific issue found, categorised by type and severity, and linked to the relevant compliance controls.

When Scans Run

Scans run in two ways:

  1. Scheduled scans: The platform's continuous monitoring runs scans on a recurring cycle, typically every two weeks. This time frame is configurable.

  2. On-demand scans: A scan can be triggered manually at any time from the platform. This is useful after applying a fix, to verify that a remediation has taken effect without waiting for the next scheduled scan.