Blog and Resource Center
News and Reviews
Daemon extends Steampipe's AWS Well-Architected Mod to improve workload assessments
Learn how a consultancy adopted and customized the Steampipe AWS Well-Architected Mod to expedite their customers' AWS workload assessments.
Build a Top 10 mod
Here's how to build a mod to check the top 10 AWS security tips. You can use this pattern to build your own custom mods to check other Top 10 lists.
Customization guide for the AWS Well Architected Mod: Part 2
Learn how to add support for a new pillar, Sustainability, using a custom control.
What's new in the CIS v2.0 benchmark for AWS
Our analysis of the latest CIS AWS recommendations.
An upgraded GitHub plugin uses GraphQL APIs to overcome throttling woes
These changes also create welcome headroom for the Compliance and Sherlock mods.
Customization guide for the AWS Well Architected Mod: Part 1
Learn how to add support for a new pillar, Sustainability, using controls cherrypicked from an existing mod.
What's new in the CIS v1.2 benchmark for OCI
Our analysis of the latest CIS OCI recommendations.
Steampipe Cloud 2023 Annual SOC 2 Type II Compliance
We're excited to announce that Steampipe Cloud has received its annual SOC 2 Type II certification.
v0.20.0: Faster startup & revamped mod dependencies
Discover the great new features in Steampipe's open source v0.20.0 release!
How software companies use Steampipe to enhance their products and services
Whether you embed Steampipe in your product or integrate with it, we welcome your stories and contributions!
How Claranet France leverages Steampipe for business process integration
Compliance checks running in AWS Lambda, and an in-house CMDB queried with a custom plugin, are just some of the uses they've found for Steampipe.
Aggregating connections in Steampipe Cloud
In a workspace, all connections of the same type are automatically aggregated. Now you also can define aggregators for subsets of connections.
SRE Spotlight: Optimize usage, inventory assets, and improve resource tagging
Senior SRE / Platform Engineer Paul Solomon highlights his recent use cases with Steampipe.
Accelerate your AWS Well-Architected assessments with Steampipe
Now consulting partners can more effectively run assessments, customize their results, and collaborate with clients.
Prevent unsecure devices from joining your network
Use Steampipe to join data from Vanta and Tailscale to enforce workstation security requirements to secure your network.
Visualizing GCP with Relationship Graphs
Use relationship graphs to easily navigate your GCP projects and gain insights into how all your resources are interconnected.
Steampipe images are moving to the GitHub Container Registry
If you’re fetching images from Docker Hub, you’ll want to switch over to GHCR.
Cloud resource tagging strategies for your organization
Ensuring compliance, conformance, and accuracy in your organization's tagging practices
Tackling Third-Party Risks in your AWS Environment
Learn to identify 3rd party access to Amazon Machine Images (AMIs) and IAM cross-account trusts.
Visualizing Kubernetes RBAC with Relationship Graphs
Use prebuilt dashboards to answer questions like 'Who can apply verb X to resource Y?', or answer your own questions with the point-and-click RBAC Explorer.
Visualizing AWS with Relationship Graphs
Use relationship graphs to easily navigate your AWS accounts and gain insights into how all your resources are interconnected.
A Steampipe-based Mastodon reader
Steampipe can help us participate effectively in a social network where people, not algorithms, control the flow of information.
Streamlining access to crucial business insights
Learn how to reuse data and make it accessible to your entire organization using Steampipe.
Add context to your cloud multi-account reports
Custom names and tags make benchmark results easier to read, filter, and organize.
Visualizing Azure with Relationship Graphs
Use relationship graphs to easily navigate your Azure subscriptions and gain insights into how all your resources are interconnected.
What's new in the CIS v2.0 benchmark for Azure
Our analysis of the Azure recommendations.
Secure your Terraform deployments in AWS
Use Steampipe with AWS CodePipeline & CodeBuild to validate your Terraform code before you deploy it.
Limit lifetime of GCP IAM service account keys
By default GCP IAM service account keys never expire. Use Steampipe to find expiration dates and prioritize updates for better protection.
v0.19.0: Dynamic table aggregation, Kubernetes CRDs
Discover the great new features in Steampipe's open source v0.19.0 release!
Snapshot, share, and schedule queries in Steampipe Cloud
You could already schedule periodic snapshots of benchmarks and dashboards. Now you can do the same for queries!
Uncovering Attack Paths with Cloud Resource Graphs
Leveraging Steampipe's Relationship Graphs for Penetration Testing in GCP
Visualizing Kubernetes with Relationship Graphs
Use relationship graphs to easily navigate your Kubernetes architecture and gain insights into how all the resources are interconnected.
Protect Auth0 identities from insider threats, credential stuffing, & more
Safeguarding your Auth0 environment is critical to protect your users. Learn how to protect against threats & enhance security posture with Steampipe.
Schedule snapshots of benchmarks and dashboards in Steampipe Cloud
To track changes over time it's helpful to run snapshots periodically. Now you can schedule them to repeat, and notify your team with summarized results.
Reuse and remix Steampipe benchmarks and dashboards
The Steampipe ecosystem provides thousands of named resources you can include in custom dashboards. But don't stop there, you can easily mix in your own queries and controls.
Find which secrets you still need to rotate in your CircleCI environment
Using Steampipe’s CircleCI plugin, you can query your project environment variables, SSH keys, and more into reports you can leverage to prioritize which secrets you need to focus on.
What's new in the CIS v2.0 benchmark for GCP
Our analysis of the latest CIS GCP recommendations.
How Steampipe translates SQL queries to API calls
A Steampipe plugin can map a Postgres WHERE clause to an API parameter. We took advantage of that to enable the Vercel plugin to query deployments by date.
Streamlining incident response investigations with Steampipe relationship graphs
Quickly visualize and identify attack paths an attacker could leverage. Relationship graphs provide an interactive visualization to navigate resource relationships and drill into asset details without authenticating into multiple accounts or jumping across regions.
v0.18.0: Relationship graphs
Discover the great new features in Steampipe's open source v0.18.0 release!
Steampipe made huge leaps forward in 2022!
Here's a month-by-month review of the highlights.
Mapping your AWS attack surface
To improve your application security program, chart the attack surface of your cloud’s network perimeter using Steampipe.
Why build an HTTP client into a database? So you can ingest web data directly!
When there isn't a Steampipe plugin to meet your need, the Net plugin's net_http_request table can save the day.
The Security Practitioner's Guide to AWS re:Invent 2022
Recap of the interesting security-focused announcements.
KPIs as code: How CMD Solutions built tools for continuous controls assurance
The magic ingredient is Steampipe's ability to define information security performance metrics as SQL statements.
AWS pre:Invent 2022
We highlight AWS's interesting and impactful security announcements in the lead-up to AWS re:Invent.
Top 3 ways to improve GitHub org security
Gain some practical tips for securing your GitHub organizations based on findings from common security incidents.
A deep dive into AWS Resource Explorer
We dig into AWS Resource Explorer and discover how Steampipe can use it to enhance our resource coverage.
Steampipe Hacktoberfest 2022 Recap
New plugins, CLI improvements, blog posts, and more: How the Steampipe community rallied together during Hacktoberfest.
v0.17.0: Snapshots, share with cloud, workspace profiles
Discover the great new features in Steampipe's open source v0.17.0 release!
Keynote recap of Oracle CloudWorld 2022
If you’ve dismissed Oracle as a serious player in the cloud space, you may want to reconsider. Oracle CloudWorld’s keynote was very distinct from other recent cloud events in how Oracle is thinking about multi-cloud. Oracle’s roadmap will matter to cloud security practitioners regardless of your primary cloud provider.
Steampipe as software component
Why, and how, to call Steampipe from any programming language.
Security recap of 2022 Google Next and Microsoft Ignite
A rundown of the major security-related announcements from Google Next and Microsoft Ignite with a view into where the major providers are heading with their security product offerings.
How to approach Tailscale security and compliance
New zero-config VPNs like Tailscale disrupt how we traditionally manage endpoints, connectivity, and network security. Steampipe can help manage the security and compliance of your Tailscale network.
Save and share Steampipe Cloud benchmarks and dashboards
Capture full-fidelity snapshots, then share them with others.
Enrich Splunk events with Steampipe
Splunk lookup tables can enrich AWS event data with IP-address/name mappings not available in CloudTrail. Here's how to build those tables with Steampipe.
Migration tracking with Steampipe
Learn how Steampipe served as the control tower for a systems migration.
Can't miss Security Sessions at re:Invent 2022
The sessions, chalk talks and workshops our resident Cloud Security Architect, Chris Farris, is excited about for re:Invent this year.
What's new in the CIS v1.5 benchmark for Azure
Our analysis of the Azure recommendations.
Hacktoberfest 2022: Steampipe
Earn swag for contributions to Steampipe!
Contributor Spotlight: Graza Andersson
He led his firm's adoption of Steampipe, and contributed a number of Steampipe plugins.
Contributor Spotlight: Ellis Valentiner
Learn how this data scientist works faster and smarter thanks to 'select * from cloud;' and 'dashboards as code'.
Consolidate your billing data across multiple AWS Organizations
Set budgets and track usage across AWS accounts using SQL.
View dashboards and run benchmarks in Steampipe Cloud
It's a few clicks to install mods that use connections in your workspace.
What's new in the CIS v1.5 benchmark for AWS
Our analysis of the five new recommendations.
v0.16.0: Major memory reduction, new benchmarks, secure AWS regions
Discover the great new features in Steampipe's open source v0.16.0 release!
Deepfence ThreatMapper integrates Steampipe to enhance security observability
ThreatMapper leverages contributions from the open source community to incorporate compliance insights from Steampipe.
Contributor Spotlight: François de Metz
Learn how this prolific open source author built his own Steampipe plugins to access a diverse set of SaaS APIs using SQL as the common language.
Gruntwork chooses Steampipe to deliver continuous compliance as a service
Steampipe’s openness and support for AWS CIS v1.4.0 were key factors
v0.15.0: Improved usability, telemetry, 9 new plugins
Discover the great new features in Steampipe's open source v0.15.0 release!
Shift Left Join: Where are those IP addresses coming from?
Enrich VPC Flow Logs with geographic locations from ipstack.
v0.14.0: Benchmark dashboards, Postgres 14, ARM64
Discover the great new features in Steampipe's open source v0.14.0 release!
Top 7 AWS cost-saving strategies
How to save big in AWS by cleaning up your underused resources, stale data, and more.
Use Steampipe to identify cost savings in AWS
An introduction to AWS Thrifty, a mod that finds underutilized AWS resources.
SQL for Google Sheets
Use the Google Sheets plugin to join spreadsheets with other tables, enforce named ranges, find secrets, and pivot with SQL.
v0.13.0: Dashboards, ltree, 6 new plugins
Discover the great new features in Steampipe's open source v0.13.0 release!
Dashboards as Code with HCL + SQL
Now you can visualize your queries, and easily build your own dashboards based on our library of examples.
SQL queries + compliance checks for Terraform files
Steampipe's Terraform plugin makes your .tf files queryable with SQL. A trio of new mods, for AWS/Azure/GCP, use the plugin to run compliance controls. Now you can check what you've defined as well as what you've deployed!
v0.12.0: Templates for control outputs, two new formats
Discover the great new features in Steampipe's open source v0.12.0 release!
v0.11.0: Faster startup and composable mods
Discover the great new features in Steampipe's open source v0.11.0 release!
v0.10.0: Better concurrency and caching
Discover the great new features in Steampipe's open source v0.10.0 release!
Shift Left Join: Find secrets everywhere
Use Steampipe to find secrets in all the nooks and crannies of your cloud infrastructure.
Using SQL to check spreadsheet integrity
The CSV plugin brings spreadsheet data to Steampipe. We show how to write compliance checks for that data.
When not to SELECT *
Steampipe can combine results from primary and subsidiary API calls. But when you don't need the subsidiary results, don't spend the API calls to get them.
A portrait of VSCode's external contributors
We build a data analysis pipeline to explore large GitHub repos. The same method will work with data from any Steampipe plugin.
v0.9.0: Dynamic tables & improved control outputs
Discover the great new features in Steampipe's open source v0.9.0 release!
A deep dive into AWS Cloud Control for asset inventory
We dig into AWS Cloud Control and explore how Steampipe can use it to enhance our resource coverage.
Using Steampipe's GitHub plugin to connect with your open source community
Review stale issues, visualize release cadence, and find external contributors
Adding a column to a Steampipe table
A small tweak to the GitHub plugin unlocks new capability
v0.8.0: Mod Variables, Tags & Syntax Highlighting
Discover the great new features in Steampipe's open source v0.8.0 release!
v0.7.0: AWS multi-account queries & Docker support
Learn what's new in Steampipe's open source v0.7.0 release
v0.6.0: Export and Filter Controls
Learn more about the new open source features in Steampipe v0.6.0
What's new in the CIS v1.4 benchmark for AWS
Analysis of the changes in the CIS v1.4 benchmark for AWS
v0.5.0: Controls, compliance benchmarks (CIS + PCI + custom) and lots of Hub updates
Learn more about the new open source features in Steampipe v0.5.0
New! Named Queries, Search Paths and Workspaces
Learn more about the v0.4.0 release of the open source Steampipe CLI.
Shift Left Join: Find all AWS EC2 instances not using IMDSv2
Join metadata across EC2 instances and IAM instance profiles.
Shift Left Join: Using Shodan to test AWS Public IPs
Shift Left Join Security: Threat hunting AWS IPs with Shodan and SQL.
New: Caching, Config and Improved Quals Handling
Learn more about the v0.3.0 release of the open source Steampipe CLI.
Analysis of Cloud Provider Market Share – 2021
Using developer interest in infrastructure as code tools to gauge popularity of cloud providers.
New: AWS Multi-Region Queries and Query Caching
Learn more about the v0.2.0 release of the open source Steampipe CLI.
The Hitchhiker's Guide to IAM Policy Wildcards
A quick reference to AWS IAM wildcard usage.
Steampipe ❤ Parliament
How Steampipe leveraged Parliament to make SQL queries against IAM even more powerful.
Normalizing AWS IAM Policies for Automation
Uncovering the power of SQL to analyze IAM policies via normalization of the AWS IAM policy syntax.
Top 10 Checks: IAM Credential Report
Learn how to generate and check your AWS IAM Credential Report for root accounts and users.
Monitor compliance of the AWS CIS 1.15 benchmark.
Ensure IAM users only receive permissions via groups.
Corral your untagged cloud cattle
How to quickly find cloud resources that are missing tags
Steampipe: select * from cloud;
The extensible SQL interface to your favorite cloud APIs