Asset Management
You cannot protect what you do not see
Alvor builds a living inventory across every environment — 17 asset types, 6 categories, one source of truth — and connects each asset to the risks, policies, and compliance controls that depend on it.
Core capabilities
Complete visibility, zero blind spots
Continuous Discovery
Find every asset — managed or shadow, cloud or closet. Ingest via API integrations, CSV/JSON import, or manual entry.
Intelligent Classification
Tag each asset with criticality, data sensitivity, regulatory scope, and encryption status. Dual ownership baked in.
Full Lifecycle Tracking
Follow every asset from Plan through Acquire, Deploy, Operate, and Retire. No stale spreadsheet rows.
Data Governance
Attach governance records: data types (PII, PHI, PCI), retention periods, encryption, processing justification.
Automated Recertification
Campaigns on your schedule. Owners notified at 7, 3, and 1 day before deadlines. Overdue assets auto-escalate.
Dependency Mapping
Map upstream and downstream relationships between assets, services, and data flows.
How it works
Discover. Classify. Certify.
DISCOVER
Find every asset, managed or shadow
Four ingestion paths ensure nothing hides. API integrations pull from Veracode, AWS, Azure, and GCP. Bulk CSV/JSON import handles legacy data. The REST API lets you build custom connectors.
- Veracode integration live — SAST, DAST, SCA findings auto-linked
- HMAC-SHA-256 authenticated sync with configurable schedules
- 196 pre-defined fields across 17 built-in asset types
CLASSIFY
Context that outlives the person who entered it
Criticality levels, data classification tiers, encryption tracking, regulatory scope, dual ownership, and a flexible EAV architecture for custom fields.
- Criticality: Low, Medium, High, Critical
- Data classification: Public, Internal, Confidential, Restricted
- Lifecycle phases: Plan → Acquire → Deploy → Operate → Retire
CERTIFY
Recertification on your schedule
Certification campaigns run on your schedule — monthly, quarterly, annual, or custom. Owners are notified at 7, 3, and 1 day before the deadline. Overdue assets auto-escalate.
- Immediate or scheduled campaigns with configurable grace periods
- Auto-escalation after N days overdue to specified roles
- Full certification history: created, completed, extended, cancelled
The connective tissue
One asset, every context
In Alvor, every asset is natively linked to the modules that depend on it. A vulnerability flows to a risk, maps to a compliance control, triggers an action plan — all traced back to one record.
prod-db-primary · AWS RDS · us-east-1 · vpc-0a1b2c3d
- Risk (3 linked risks): Criticality informs risk scoring. Impact analysis auto-links to affected assets.
- Compliance (12 controls mapped): Evidence campaigns target asset groups. Scoring weighs inventory completeness.
- Secure by Design (5 design reviews): Architecture diagrams reference asset nodes. Findings create linked risks.
- Policy (8 active policies): Policies scope by asset type. Exceptions and acknowledgments target custodians.
- Secrets Vault (24 secrets managed): Zero-knowledge vault. AES-256-GCM at rest, automated rotation schedules.
Connects to your stack
Bring your tools, keep one inventory
Encrypted credential storage · Configurable sync schedules · Full audit trails
Get started
See how Alvor works for your role
Whether you lead security, run IT, manage compliance, or sit in the C-suite — we'll show you your view.