Unified security data platform for multi-cloud environments.
Hotpot throws your cloud security data into one pot.
Raw ingredients from GCP, AWS, and on-prem sources simmer through bronze, silver, and gold layers, coming out as actionable insights, compliance reports, and AI-powered answers.
Just ask:
"Which VMs exist in GCP but are missing from SentinelOne?"
"What firewall rules reference instances that no longer exist?"
...and get results.
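The first question above, written by hand as the kind of SQL such a question reduces to. This is an added example, not Hotpot's code or schema: the table and column names, the sample rows, and the 7-day staleness window are assumptions, and it goes slightly beyond the question by also flagging VMs whose agent has stopped checking in.

```sql
-- PostgreSQL. Constructed sample data; table and column names are
-- hypothetical and do not reflect Hotpot's actual silver schema.
CREATE TEMP TABLE gcp_instances (
    instance_id text PRIMARY KEY,
    hostname    text NOT NULL,
    project_id  text NOT NULL,
    status      text NOT NULL
);
CREATE TEMP TABLE s1_agents (
    agent_id      text PRIMARY KEY,
    computer_name text NOT NULL,
    last_seen     timestamptz NOT NULL
);

INSERT INTO gcp_instances VALUES
    ('1001', 'web-01',   'prod-example', 'RUNNING'),
    ('1002', 'db-01',    'prod-example', 'RUNNING'),
    ('1003', 'batch-01', 'prod-example', 'RUNNING'),
    ('1004', 'old-01',   'prod-example', 'TERMINATED');
INSERT INTO s1_agents VALUES
    ('a-1', 'WEB-01', now() - interval '1 hour'),   -- healthy, name differs only by case
    ('a-2', 'db-01',  now() - interval '30 days');  -- installed but stale

-- Running VMs with no agent that has checked in within the window.
-- NOT EXISTS (an anti-join) avoids the NULL pitfalls of NOT IN, and
-- lower() keeps a case mismatch between sources from hiding a match.
SELECT i.project_id,
       i.hostname,
       CASE WHEN EXISTS (SELECT 1 FROM s1_agents a
                         WHERE lower(a.computer_name) = lower(i.hostname))
            THEN 'agent stale'
            ELSE 'no agent'
       END AS gap
FROM gcp_instances i
WHERE i.status = 'RUNNING'
  AND NOT EXISTS (
      SELECT 1 FROM s1_agents a
      WHERE lower(a.computer_name) = lower(i.hostname)
        AND a.last_seen > now() - interval '7 days')
ORDER BY i.hostname;
```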
- Multi-cloud ingestion: GCP (Compute, Container, IAM, Resource Manager, VPC Access, Storage, KMS, Logging, DNS, Secret Manager, Cloud SQL), with AWS and VNG Cloud planned
- Asset inventory: Track VMs, disks, networks, projects with change history (SCD Type 4)
- Durable workflows: Temporal-based pipelines with automatic retries and rate limiting
- AI-powered queries: Natural language to SQL via WrenAI + Ollama
- Hot-reload config: Vault or YAML-based configuration with live database reconnection

```mermaid
flowchart LR
    Sources[Cloud APIs] --> INGEST[Ingest] --> NORMALIZE[Normalize] --> DETECT[Detect]
    INGEST & NORMALIZE & DETECT --> DB[(PostgreSQL)]
    DB --> Metabase & Agent
```

| Layer | Schema | Purpose |
|---|---|---|
| Bronze | `bronze.*` | Raw API data, preserved as-is |
| Silver | `silver.*` | Normalized, unified asset models |
| Gold | `gold.*` | Alerts, compliance, analytics |

| Component | Technology |
|---|---|
| Language | Go |
| Workflows | Temporal |
| ORM | Ent (type-safe, code-first) |
| Database | PostgreSQL (multi-schema) |
| Admin UI | Metabase |
| Agent | WrenAI + Ollama / Vertex AI |
| Config | Vault / YAML with hot-reload |
| Document | Description |
|---|---|
| Architecture | System design, project structure |
| Principles | Architecture rules and patterns |
| Activities | Adding new resource pipelines |
| Ent Schemas | Schema patterns for bronze and history |
| Code Style | Coding conventions |
| Configuration | Vault/YAML config setup |
| Migrations | Database migration guide |
| Contributing | Contribution guidelines |
Apache 2.0. See LICENSE.