Cartography vs Steampipe
GitHub Stats
About Cartography
Cartography is a Python tool developed by Lyft that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by Neo4j. It ingests data from AWS, GCP, Azure, Okta, GitHub, and other services to build a comprehensive map of your cloud environment. Security teams use Cartography to identify attack paths, find misconfigurations, and understand blast radius by querying relationships between resources like EC2 instances, S3 buckets, IAM roles, and security groups. Its graph-based approach makes it easy to ask questions like 'which instances can reach this database' or 'which IAM users have admin access across accounts' that would be extremely difficult with flat inventory tools.
About Steampipe
Steampipe is an open-source tool from Turbot that lets you query cloud infrastructure, SaaS services, and more using standard SQL. Rather than learning dozens of CLI tools and API formats, you write SQL queries against a unified schema powered by PostgreSQL. With over 140 plugins covering AWS, Azure, GCP, Kubernetes, GitHub, Slack, and many others, Steampipe provides a single pane of glass for infrastructure visibility. Its compliance frameworks (called Mods) include pre-built benchmarks for CIS, NIST, PCI DSS, and SOC 2, making it a powerful tool for both security auditing and operational troubleshooting. Steampipe also supports dashboards for visualization and can export results in JSON, CSV, or markdown.
Platform Support
Tags
Cartography only
Steampipe only