Fix Inventory is an open-source tool for detecting compliance and security risks in cloud infrastructure accounts. It was built from the ground up for cloud-native environments and provides broad support for over 300 cloud services, including AWS, Google Cloud Platform, Azure, DigitalOcean, Hetzner, Kubernetes, and GitHub.

How Fix Inventory works

The tool operates in three key phases to help organizations manage their cloud security:

Collect inventory data – The tool queries cloud infrastructure APIs in an agentless manner to gather metadata about resources within cloud accounts.

– The tool queries cloud infrastructure APIs in an agentless manner to gather metadata about resources within cloud accounts. Normalize cloud data – Fix Inventory structures this data into a graph schema, offering a unified view of all detected cloud resources, their configurations, and relationships.

– Fix Inventory structures this data into a graph schema, offering a unified view of all detected cloud resources, their configurations, and relationships. Triage security risks – By scanning collected data against pre-configured and custom compliance frameworks, it identifies misconfigurations, vulnerabilities, and other security risks.

Additionally, Fix Inventory enables seamless integration with alerting and remediation workflows by providing ways to export and utilize collected data.

Why cloud asset inventory matters

Modern cloud environments are inherently fragmented, posing organizational visibility and security challenges. Fix Inventory addresses key issues such as:

Resource proliferation – With microservices, containers, and serverless architectures, cloud resources are more numerous and abstract than ever.

– With microservices, containers, and serverless architectures, cloud resources are more numerous and abstract than ever. Bulkhead partitioning – Cloud providers encourage resource segmentation for security and isolation, making it harder to maintain a consistent security posture.

– Cloud providers encourage resource segmentation for security and isolation, making it harder to maintain a consistent security posture. Shared ownership – Infrastructure-as-Code (IaC) and CI/CD pipelines empower engineers to deploy resources rapidly, increasing complexity.

– Infrastructure-as-Code (IaC) and CI/CD pipelines empower engineers to deploy resources rapidly, increasing complexity. Multi-cloud complexity – Organizations leverage multiple cloud providers to benefit from unique service offerings, creating visibility gaps.

Fix Inventory consolidates all cloud assets into a single source of truth, allowing organizations to search, explore, and manage their resources in a structured, consistent manner, regardless of provider, account, or namespace.

Fix Inventory is available for free on GitHub.

