AVAILABLE NOW — Published on PyPI

Your Infrastructure Drifted.
We Caught It.

Real-time drift detection across Terraform, Pulumi, and CloudFormation.
48 security rules. Auto-remediation. Continuous compliance. Zero lock-in.

$ pip install autoai-driftguard
Install Now — Free → See the scanner ↓ View Product Poster
48 drift rules
3 cloud providers
<30s scan time
Auto PR generation
CRITICAL azurerm_nsg.main — port 22 opened to 0.0.0.0/0 — PR #47 CREATED
HIGH azurerm_storage.data — public_access enabled — AUTO-FIXED
MEDIUM aws_ec2.worker-3 — instance type changed t3.small → m5.xlarge — FLAGGED
HEALED gcp_firewall.ingress — restored to IaC state — PR #45
CRITICAL aws_iam_role.deploy — AdministratorAccess attached — AUTO-FIXED
HIGH azurerm_vm.legacy — oversized SKU (8% CPU) — $186/mo savings available
CRITICAL azurerm_nsg.main — port 22 opened to 0.0.0.0/0 — PR #47 CREATED
HIGH azurerm_storage.data — public_access enabled — AUTO-FIXED
MEDIUM aws_ec2.worker-3 — instance type changed t3.small → m5.xlarge — FLAGGED
HEALED gcp_firewall.ingress — restored to IaC state — PR #45
CRITICAL aws_iam_role.deploy — AdministratorAccess attached — AUTO-FIXED
HIGH azurerm_vm.legacy — oversized SKU (8% CPU) — $186/mo savings available
PRODUCT DEMO

See DriftGuard in Action

42-second commercial showing the problem, the product, and the proof.

LIVE DEMO

Watch DriftGuard Scan in Real-Time

A live simulation of DriftGuard scanning your Azure infrastructure against Terraform state.

DriftGuard Drift Scanner SCANNING
THE REALITY

Before vs After DriftGuard

Infrastructure drift is invisible until it isn't. Here's what changes when you stop guessing.

Before DriftGuard
×

Silent drift for weeks

Someone opens port 22 in the console. Nobody knows. Terraform state diverges silently until the next plan shows 47 unexplained diffs.

×

Surprise cloud bills

A dev upsizes a VM "temporarily." Three months later it's still running at Standard_D4s_v3, burning $186/month nobody budgeted.

×

Security gaps found in audits

Public storage accounts, unencrypted databases, overpermissioned roles — all discovered during the annual audit, not when they were created.

×

Manual remediation

Someone has to track down every drift, figure out the right state, write a fix, get it reviewed, and apply it. Hours of toil per incident.

After DriftGuard

Real-time detection

Every manual change is detected within seconds. DriftGuard compares live state against your IaC and alerts instantly.

Cost optimization built-in

Oversized resources are flagged with exact savings calculations. Resize recommendations are generated as ready-to-merge PRs.

Continuous compliance

48 security policies enforced continuously. Every violation triggers a PR with the fix. Compliance is a stream, not a quarterly event.

Auto-remediation via PRs

DriftGuard generates terraform plans, opens PRs with the fix, and links the drift evidence. Review and merge — no manual investigation.

DRIFT TAXONOMY

Four Types of Drift. All Detected.

Not all drift is equal. DriftGuard classifies, prioritizes, and routes each type differently.

🛡

Security Drift

Open ports, public storage, unencrypted databases, overpermissioned IAM roles created outside IaC.

  • Port 22 opened to 0.0.0.0/0
  • Storage public_access enabled
  • Admin role manually attached
  • Encryption disabled on RDS
💰

Cost Drift

Oversized VMs, orphaned resources, unnecessary premium tiers silently increasing your cloud spend.

  • VM upsized from B2ms to D4s_v3
  • Orphaned disks (no VM attached)
  • Premium tier on dev resources
  • Idle load balancers ($18/mo each)
📋

Compliance Drift

Tag violations, region restrictions, logging gaps, and policy breaches that put you out of compliance.

  • Missing required tags (env, owner)
  • Resources in non-approved regions
  • Diagnostic logging disabled
  • Backup policy not applied

Config Drift

Environment variables, scaling rules, network configs, and settings that silently diverged from source.

  • Environment variables changed
  • Auto-scale rules modified
  • DNS records updated manually
  • CORS origins overridden
CAPABILITIES

Four Commands. Complete Coverage.

Everything you need to detect, monitor, fix, and report infrastructure drift.

🔍

Scan

Point-in-time drift detection. Compare live cloud state against your Terraform, Pulumi, or CloudFormation templates. Get results in under 30 seconds.

$ driftguard scan --state terraform.tfstate
Scans all resource types across Azure, AWS, GCP
👁

Watch

Continuous monitoring mode. DriftGuard polls your infrastructure on a configurable interval and alerts on any state deviation. Set it and forget it.

$ driftguard watch --state terraform.tfstate --interval 5m
Alerts via Slack, PagerDuty, email

Fix

Auto-remediation with PR generation. DriftGuard generates the terraform plan to resolve each drift and opens a pull request with full context and evidence.

$ driftguard fix --state terraform.tfstate --auto-pr
Creates PRs with drift evidence attached
📈

Report

Compliance-ready drift reports with full audit trail. Show auditors exactly what drifted, when, who changed it, and how it was remediated.

$ driftguard report --format html
Export as HTML, JSON, CSV, PDF
48
Built-in drift rules
3
Cloud providers
<30s
Average scan time
Auto
PR generation
GET STARTED

Three Steps to Drift-Free Infrastructure

From install to continuous monitoring in under 2 minutes. No signup required for the free tier.

1

Install

Install DriftGuard from PyPI. Works with Python 3.9+. No native dependencies.

pip install autoai-driftguard # Verify installation driftguard --version
2

Connect

Point DriftGuard at your Terraform or Pulumi state file. Uses your existing cloud credentials (az login, aws configure, or gcloud auth).

# Scan against Terraform state driftguard scan --state terraform.tfstate # Or specify your IaC tool driftguard scan --state pulumi-export.json --iac pulumi
3

Watch

Start continuous monitoring. DriftGuard scans on your schedule and alerts on any deviation from declared state.

driftguard watch --state terraform.tfstate --interval 5m # Or run a one-time scan driftguard scan --state terraform.tfstate
PRODUCT POSTER

DriftGuard at a Glance

View full poster ↗
INTERACTIVE DEMO

Try DriftGuard Right Now

No installation needed. This runs entirely in your browser.

DriftGuard Interactive Demo LIVE
Select provider and IaC tool, then click "Scan for Drift" to see results...
PRICING

Simple, Transparent Pricing

Start free. Scale as your infrastructure grows. No hidden fees.

Free
£0
Catch drift before it catches you
  • 15 security drift rules (of 48)
  • Single cloud provider
  • Terraform support
  • On-demand scanning
  • CLI output
  • Auto-fix & PR generation
  • Continuous monitoring
Pro
£10/mo
For DevOps teams
  • All 48 drift rules
  • 3 cloud providers (Azure, AWS, GCP)
  • Terraform + Pulumi + CloudFormation
  • Auto-fix with PR generation
  • Continuous monitoring (watch mode)
  • Slack/PagerDuty alerts
  • Cost drift detection
Start Pro Trial
Enterprise
£30/mo
For platform teams
  • Everything in Pro
  • Multi-account scanning
  • Custom drift rules
  • Team dashboard
  • Compliance drift reporting
  • GitHub Actions integration
  • Dedicated support
Contact Sales
Custom
Custom
Enterprise-wide
  • Everything in Enterprise
  • On-premise deployment
  • Custom SLA
  • White-glove onboarding
Contact Us
INTEGRATIONS

Works With Your Entire Stack

DriftGuard integrates with the IaC tools and cloud providers you already use.

Infrastructure as Code
Terraform
🚀 Pulumi
CloudFormation
📦 OpenTofu
Cloud Providers
Azure
AWS
Google Cloud
Alerting & Workflow
💬 Slack
🔔 PagerDuty
📦 GitHub Actions
📦 GitLab CI
📦 Azure DevOps
Email

Stop Drifting.
Start Knowing.

Join infrastructure teams who trust their IaC state. Free forever for up to 50 resources.