Introspector is a tool for companies with larger cloud deployments and complex regulatory requirements, including custom internal policies. Policy requirements are translated into SQL queries, enabling a database-backed reporting system to plug into your security, compliance, and governance infrastructure.


Gold Fig Introspector is a unique security and auditing tool that provides in-depth analysis of your cloud deployments using SQL queries. Query all your cloud providers' configurations in one place. All of your environments. All of your teams. All of your accounts. With a uniform way to ask questions finding outliers and deviations is made easy with Introspector. Whether your policies span your cloud provider (AWS, GCP, Azure), your source control provider (GitHub or GitLab) or your account system (Google GSuite, Microsoft Teams, Rippling, Okta) query them all from one place using Introspector. Go beyond CSPM (cloud security posture management) and query all of your infrastructure as it’s deployed.

Avoid sampling

When security and compliance are paramount, you need a tool that can go the distance. Go beyond sampling – gain insight into all of your configs with Introspector. Introspector is a powerful security and compliance tool that is capable of importing the full breadth of your cloud settings and configurations. Now, you can easily and confidently assert that your policies are in conformance across all accounts, regions, repositories, and teams. Whether you’re working with a large cloud deployment or just want to get a better grip on all of your configurations, Introspector will help you make sense of it all.

It’s a powerful alternative to manual auditing or taking screenshots of vendor consoles, which can be time consuming and error-prone.

Unlike traditional approaches that use a sampling based view of configurations, Introspector is able to import all settings and accounts.

Introspector is standalone Docker image that simplifies compliance monitoring for modern cloud infrastructure deployments. It provides the out-of-the-box visibility and reporting needed to satisfy the most demanding compliance requirements.

Standard SQL

Introspector’s results are presented in an easy-to-read reports that you can generate at a moment’s notice, so you know exactly how secure your infrastructure is and where the problems are. Since it is backed by standard SQL, this gives you flexibility to design and implement your own reporting solution for your company’s regulatory requirements. Your team is able to use existing SQL tooling to create custom dashboards for your compliance and security needs, or to send reports to external stakeholders. Pull in org charts, team membership, and join against your cloud configuration data. Easily export the SQL results to other systems for further processing. All with the power of standard SQL.