Cloud asset inventory — the workloads, containers, serverless functions, VPCs and managed services in your cloud accounts. Inventory imports give Xygeni the asset graph that other findings (IaC misconfig, SAST, SCA) can then be correlated against.
Download and configure the CLI Scanner. See these guidelines.
Use the xygeni report-upload command:
Convert + upload (a report file produced by the tool):
xygeni report-upload -n=<Name> --report="path/to/report_file" -f=<format> [--branch="branch"]Pull (where supported — see the Pull mode section below):
xygeni report-upload -n=<Name> --pull -f=<format> [--filter key=value]Move to the Xygeni dashboard to see the results.
inventory-trivy-k8s
Trivy
Trivy Kubernetes cluster inventory, in JSON format
inventory-prisma-cloud
Prisma Cloud
Prisma Cloud cloud resources inventory, in JSON format
inventory-wiz-cnapp
Wiz CNAPP
Wiz CNAPP cloud resources inventory, in JSON format
The following formats also support pull mode — the scanner calls the tool's API directly instead of reading a report file from disk:
inventory-prisma-cloud
Prisma Cloud
Custom /login token (Prisma x-redlock-auth) — uses the RQL config-search endpoint
inventory-wiz-cnapp
Wiz CNAPP
OAuth2 client credentials with audience=wiz-api
See Pull-mode fetch for the per-tool walkthrough (env-var setup, selectors, filters).
If the entered name matches an existing project, the assets in the report will be linked to that project. If the project does not exist, a new project will be created.
Cloud resources from the inventory feed populate the Inventory section of the ASPM UI; correlation with other findings (IaC, SAST, SCA) happens automatically as those findings reference the same provider unique IDs.
Last updated