The infrastructure governance runtime for multi-country enterprises. Discover what you have. Organize by how your business works. Enforce policy by jurisdiction.
v1.0-beta in progress — preview coming soon.
Most enterprises have hundreds of cloud accounts across dozens of countries. Nobody can answer the basic questions: What do we have? Who owns it? What does it cost? Is it compliant?
40-60%
of cloud resources are not managed by any IaC tool
3 levels
is all typical platforms offer for organizational hierarchy
Weeks
to assemble compliance evidence for auditors manually
Discovery-first architecture
Prism scans your cloud subscriptions and finds everything that exists — managed and unmanaged. Orphaned disks, forgotten resource groups, shadow deployments nobody budgeted for.
“247 resources discovered. 80 managed. 167 unmanaged. Here are the orphaned resources costing you money right now.”
5-level organizational taxonomy
Business Line, Country, Domain, Application, Service. Every resource, every policy, every cost record lives within your actual organizational structure — not arbitrary project folders.
“When your CFO asks 'what does our French payments division spend on Azure?' — you answer in 2 clicks.”
Dual-engine policy system
JavaScript for readable business logic. OPA/Rego for formal governance. Policies evaluate against the full organizational context — including country-level regulatory requirements. In v1.0, the Regulation Engine adds built-in frameworks like GDPR, PCI-DSS, and NIS2 that bind automatically to your taxonomy — the right rules apply to the right jurisdictions without manual mapping.
“This VM size is allowed in France but blocked in Germany. That's one policy rule, not two.”
Prism scans your cloud subscriptions and finds everything that exists — managed and unmanaged.
Resources map into your 5-level organizational taxonomy: Business Line, Country, Domain, Application, Service.
Dual-engine policies (JavaScript + OPA/Rego) enforce compliance by jurisdiction and business unit.
Costs attribute automatically to your business structure. Chargeback-ready from day one.
Prism scans your cloud subscriptions and finds everything that exists — managed and unmanaged.
Resources map into your 5-level organizational taxonomy: Business Line, Country, Domain, Application, Service.
Dual-engine policies (JavaScript + OPA/Rego) enforce compliance by jurisdiction and business unit.
Costs attribute automatically to your business structure. Chargeback-ready from day one.
Typical infrastructure tools manage what flows through their pipelines. Scramble governs the entire estate — including the 60% of resources that no pipeline touches.
Organization model
Typical Approach
3-level project hierarchy
With Scramble
5-level taxonomy mapped to your business structure
Discovery
Typical Approach
Only sees infrastructure defined in code
With Scramble
Discovers everything — managed and unmanaged
Policy
Typical Approach
Checks pipeline events
With Scramble
Evaluates against organizational context and jurisdiction
Compliance
Typical Approach
Map regulations to resources manually
With Scramble
Regulation library binds to taxonomy automatically
Cost
Typical Approach
Tracked by resource tags
With Scramble
Attributed to business structure automatically
AI agents
Typical Approach
Productivity tools
With Scramble
Governed platform participants with identity and kill switches
Pricing
Typical Approach
Usage-based, scales with resources
With Scramble
Flat fee — more usage, same cost
Operating across 15+ jurisdictions with different regulatory requirements? Auditors asking for compliance evidence and you spend weeks assembling it manually?
→See compliance posture by country, business unit, and workload. Generate audit evidence in minutes, not weeks.
CFO asking what each division spends on cloud? Finance wants chargeback by business unit but your tags are incomplete and inconsistent?
→Automatic cost attribution to your actual P&L structure. Chargeback-ready from day one.
Suspecting there are cloud resources nobody owns, nobody budgeted for, and nobody governs? Paying for orphaned disks and forgotten dev environments?
→Prism discovers unmanaged infrastructure in minutes. See the gap between what's managed and what exists.
AI agents are starting to operate on your infrastructure. Who controls what they can touch, in which country, for which business unit?
→Governed agents with identity, autonomy tiers, taxonomy-scoped permissions, and kill switches.
Compliance today means translating regulation PDFs into policy code by hand. The Regulation Engine ships with built-in regulatory frameworks — GDPR, PCI-DSS, SOC 2, NIS2 — that automatically bind to your organizational taxonomy. Select a regulation, and the right guardrails apply to the right resources in the right jurisdictions.
→GDPR applies to your EU entities. PCI-DSS applies to your payments domain. Automatically. No manual mapping.
Cloud Agnostic
Native multi-cloud support. AWS and Azure fully onboarded. GCP, OVHcloud, and Alibaba Cloud planned.
IaC-Agnostic
Works with Terraform, OpenTofu, Pulumi, and Bicep. Your IaC choice is a deployment detail.
Dual-Engine Policy
JavaScript for business logic. OPA/Rego for formal governance. Both evaluate against full organizational context.
Event Architecture
Every action emits a standardized event envelope. Same data feeds audit, notifications, and agent decisions.
REST API + CLI
Full API access for automation and integration. CLI for developer workflows.
Flat-Fee Pricing
No per-resource, no per-scan charges. More usage, more value, same cost.
Scramble is shaped by the enterprises that use it. If you're managing infrastructure across countries and business units, your organizational reality becomes part of the platform. Raise your hand or download the white paper.