GrandLine Request a demo →
Multi-cloud visibility · AWS · Azure · GCP

See every cloud resource. Every relationship. Every risk. Every dollar.

GrandLine Architecture Intelligence automatically discovers your cloud estate, generates publication-quality architecture diagrams, surfaces security findings in context, and keeps your cloud spend honest. across AWS, Azure, and GCP.

View live demo → Contact sales
AWS Microsoft Azure Google Cloud Agentless Read-only SOC 2 aligned

What the platform can do

Three pillars, one product. Every feature is grounded in the resources it discovers. no spreadsheets, no stale diagrams, no blind spots.

A

Automatic Architecture Discovery

Map every VPC, VNet, project, subnet, workload, database, and dependency. Diagrams are generated automatically from live APIs and stay current on every scan.

S

Security Scanning & Risk Visualization

Public exposure, encryption gaps, over-permissive IAM, risky SG/NSG rules. Every finding is anchored to the resource. and highlighted on the diagram.

C

Cost Optimization & FinOps

Trend detection, anomaly flagging, rightsizing and idle-resource recommendations. Filter by account, service, tag, or environment. and see cost in context.

Why GrandLine

Most tools give you inventory. Some give you findings. We give you architecture. the thing your team actually needs to reason about the estate.

Architecture-first, not list-first

The primary surface is the diagram, not a table. Findings, cost, and access all drape over the topology so the story is always contextual.

Agentless & read-only

Cross-account roles (AWS), Microsoft Entra ID Workload Identity Federation (Azure), Workload Identity Federation (GCP). No writes. No agents. Data stays in your boundary for Self-Hosted.

Presentation-grade diagrams

ELK layered layout with crossing minimization. PNG at 300 DPI and SVG. Icons are the official AWS, Azure, and GCP sets. Diagrams you can put in a board deck.

Three clouds, one pane

Unified resource graph across AWS, Azure, and GCP. Search, group, drill down, and export consistently.

Tenant isolation you can audit

Per-tenant AWS KMS customer managed keys, Postgres RLS, MFA by default on SaaS, Enterprise SSO & WebAuthn, S3 Object Lock audit.

Commercial clarity

Three tiers, predictable pricing, no seat explosions. Usage-tiered, not seat-taxed. talk to us and we’ll match the plan to your estate.

Security

Secure-by-default everywhere. TLS 1.2+ on 443 only, argon2id passwords, MFA mandatory in SaaS, short-lived cloud credentials, and tenant isolation enforced at the database layer.

HTTPS only

TLS 1.2+ on port 443. No port 80 anywhere. HSTS with preload.

Read-only cloud access

IAM cross-account roles (AWS), Entra federated credentials (Azure), workload identity federation (GCP).

Tenant isolation

Postgres row-level security, per-tenant KMS envelope encryption, tenant-prefixed S3 keys.

Read the security page →   Download the security white paper →

Pricing

Three plans. No hidden tiers. Pick the one that matches your estate. usage-tiered, not seat-taxed.

Free

$0

Up to 100 resources · SaaS only · Community support

  • Discovery across any one cloud
  • Diagram PNG export (watermarked)
  • Critical/High findings
  • 3 users
Contact Sales

Pro

$200/ month

or $2,000 / year · 1,000 resources · SaaS + Self-Hosted

  • All three clouds
  • PNG + SVG export
  • All severities & remediation
  • Monthly PDF reports
  • 25 users, 4 roles
Contact Sales

Enterprise

$500/ month

or $5,000 / year · Unlimited resources · SaaS + Self-Hosted

  • SSO (SAML/OIDC) + WebAuthn
  • Custom roles & scoped permissions
  • DOCX reports, 7-year audit
  • Private link & data residency options
  • 24/7 support + CSM
Contact Sales

Ready to see your estate, end to end?

Book a live demo or take the interactive walkthrough.

Open live demo → Contact sales