Features
One operator. Every cloud. Every stack you already run.
Eight capability areas — six K8s probes, thirty cloud probes, five whitelisted fixers, four AI tiers, and the safety envelope holding it all together.
K8s probes
shipped6 native probes + 8 analyzers across 14 GVRs. Vault/ESO/CNPG/Ceph/cert-manager depth no SaaS tool matches.
Read more →
AWS probes
shipped10 probes covering RDS, EBS, EKS, IAM, ALB, ACM, KMS, S3, VPC. IRSA-first auth — no long-lived keys.
Read more →
GCP probes
shipped10 probes covering Cloud SQL, GKE, IAM, LB, GCS, KMS. Workload Identity auth via the cluster identity.
Read more →
Azure probes
shipped10 probes covering Azure SQL, AKS, Identity, App Gateway, Key Vault. AAD Workload Identity native.
Read more →
k3s + edge
shippedReduced-footprint values bundle for single-node edge appliances. The same product, on a 2-CPU SBC.
Read more →
AI tiers (T0 → T3)
shipped (paid)LLM-augmented enrichment, fix proposal, multi-step planning, and Vault runbook proposer — all approval-gated.
Read more →
Ticketing integrations
partialOpenProject in OSS. Jira and ServiceNow in the paid Enterprise tier. DriftReport-to-ticket idempotency built-in.
Read more →
Safety envelope
coming soonWhitelisted fixers, signed-JWT click-to-fix URLs, dry-run mode, protected-namespace allowlist. Auditable in code.
Read more →