Cartography
Cartography is an open-source Python security-graph tool originally built at Lyft that consolidates infrastructure assets and the relationships between them into an intuitive Neo4j graph. It ingests data from 30+ cloud, identity, DevOps, and security providers (AWS, GCP, Azure, OCI, Okta, Entra ID, GitHub, Kubernetes, CrowdStrike, and more) and lets security teams answer cross-provider questions such as "which identities can reach which datastores," "which compute instances are exposed to the internet," and "what are the blast radii of a compromised credential."
APIs
Cartography
Python tool that ingests infrastructure data from 30+ providers into a Neo4j graph for cross-provider security analysis.
Cartography AWS Intel Module
Cartography intel module that calls AWS APIs (EC2, IAM, S3, RDS, EKS, Lambda, ECS, DynamoDB, CloudWatch, ACM, KMS, CodeBuild, API Gateway, Bedrock, and more) to populate AWS nod...
Cartography Google Cloud Intel Module
Cartography intel module that calls Google Cloud APIs (Compute, IAM, Cloud SQL, GKE, Cloud Functions, Artifact Registry, Vertex AI) to populate GCP nodes and relationships in th...
Cartography Azure Intel Module
Cartography intel module that calls Azure APIs (App Service, AKS, CosmosDB, Container Instance, Key Vault, Storage, Virtual Machines) to populate Azure nodes and relationships i...
Cartography Oracle Cloud Intel Module
Cartography intel module that calls Oracle Cloud Infrastructure APIs (starting with IAM) to populate OCI nodes and relationships.
Cartography Okta Intel Module
Ingests Okta users, groups, applications, and factors into the graph for identity-focused security analysis.
Cartography Entra ID Intel Module
Ingests Microsoft Entra ID users, groups, applications, and role assignments into the graph.
Cartography GitHub Intel Module
Ingests GitHub organizations, repositories, users, and access relationships, enabling code-ownership and secret-exposure graph queries.
Cartography Kubernetes Intel Module
Ingests Kubernetes cluster objects (nodes, pods, services, service accounts) for graph-based cluster-security analysis.
Cartography CrowdStrike Intel Module
Ingests CrowdStrike Falcon hosts and detections, connecting endpoint telemetry to the infrastructure graph.
Cartography Cloudflare Intel Module
Ingests Cloudflare zones, DNS, and security configurations into the graph for edge-exposure analysis.