Blackglass

Blackglass Tools

Free utilities for Linux fleets and cloud accounts

Pre-scan planning tools you can run in the browser — no signup, no credentials. They give you a defensible starting point; real scans, approvals, and history live in Blackglass and Charon.

Linux Drift Risk Score

Five-question questionnaire that scores your Linux change-control posture and surfaces the three drift classes most worth watching.

A pre-scan planning tool aligned with Blackglass — multiple-choice only, no free-text, no fleet data ever leaves your browser. For continuous drift detection with severity, urgency, and exports your auditor can read, use Blackglass itself.

Privacy: the questionnaire never requests, stores, or processes hostnames, distros by name, or any operator commentary. Inputs are five multiple-choice questions and the result lives in your browser.

Distros in production

Pick all that apply. Mixed fleets get a small risk uplift because policy bases differ.

Configuration management
SSH key process
Compliance pressure
Existing telemetry

Score updates as you choose. Nothing leaves your browser.

Drift risk score

0

/ 100

Low

Healthy posture. Annual baseline refresh and tagging discipline keep it that way.

Top three drift classes for your shape

  1. 01

    SSH keys & remote access

    Drift here turns into long-lived backdoors and post-departure access risk.

  2. 02

    sudoers / privilege model

    Quiet promotion of a daemon user to wheel is one of the highest-impact, lowest-noise drift events.

  3. 03

    Package baseline

    Unscheduled installs and version skew break reproducibility and let CVEs slip through.

How was this score computed?
  • Configuration management — Consistent (Ansible / Puppet / Chef / Salt run on a schedule)+0
  • SSH key process — Automated (issued and revoked via IdP / Vault / Teleport)+0
  • Compliance pressure — Low (no formal obligations today)+0
  • Existing telemetry — Comprehensive (osquery / auditd / FIM / CSPM all in place)+0

Weights are calibrated for directional usefulness, not production-grade classification — the same blunt approach as the Cloud Waste Estimator.

What to do next

  • Schedule a quarterly drift review and an annual baseline refresh — small fleets stay healthy on light cadence.
See how Blackglass baselines drift →Explore a sample workspace

What this score does — and doesn’t

  • Directional, not authoritative. Weights are calibrated for educational estimation, not production-grade classification. They are not the heuristics Blackglass uses on real fleets.
  • No telemetry collected. Your selections are scored locally; nothing is uploaded.
  • Output is shaped for action. A score, three drift classes worth watching first, and a short list of next steps — not a 50-page report nobody reads.

Powered by Blackglass · See the security overview for how the paid product handles your data, or explore a sample workspace first.