The Asset Inventory is your central directory of all technology assets in your organization. It combines automatically discovered assets from connected integrations with manually added entries to provide a complete, auditable record.

Browsing the Inventory

Navigate to Assets in the main sidebar to view your inventory. The asset list supports:
  • Filtering by type (cloud resource, endpoint, server, application), source integration, owner, status, and compliance status
  • Searching by asset name, IP address, hostname, or other identifying attributes
  • Sorting by name, type, source, last seen date, vulnerability count, or compliance status
  • Pagination for organizations with large inventories
Each row displays the asset name, type, source integration, owner, vulnerability count, compliance status, and last seen date.

Adding Assets Manually

For assets not discovered through integrations:
1

Click Add Asset

From the Assets page, click Add Asset in the top right corner.
2

Select the asset type

Choose from cloud resource, endpoint, server, or application.
3

Enter asset details

Provide the asset name, description, and any identifying attributes such as IP address, hostname, or URL.
4

Assign an owner

Select the person or team responsible for maintaining and securing this asset.
5

Save

Click Save to add the asset to your inventory.
Manually added assets are not updated by integration syncs. You are responsible for keeping their details current, including status changes and decommissioning.

Asset Details Page

Click on any asset to view its detail page, which contains:

General Information

  • Asset name, type, and description
  • Source integration (or “Manual” for hand-entered assets)
  • Current status (active, inactive, decommissioned)
  • Assigned owner
  • Date first discovered and date last seen

Compliance Status

A summary of whether the asset meets applicable compliance requirements based on automated test results. This includes:
  • Encryption at rest and in transit status
  • Protection agent installation (for endpoints)
  • Configuration compliance against security baselines
  • Patch and update currency

Vulnerability Summary

A breakdown of known vulnerabilities by severity:
SeverityDescription
CriticalImmediate remediation required. Actively exploitable or high-impact.
HighRemediate within defined SLA (typically 30 days).
MediumRemediate within extended SLA (typically 90 days).
LowRemediate as resources permit. Low exploitation risk.
InformationalAwareness only. No immediate action required.

Activity History

A timeline of changes to the asset, including:
  • When it was first discovered or added
  • Status changes (active to decommissioned)
  • Vulnerability findings added or resolved
  • Ownership changes

Editing Assets

To update an asset’s details:
  1. Open the asset detail page.
  2. Click Edit to modify the name, description, type, owner, or status.
  3. Click Save to apply changes.
When decommissioning an asset, change its status to Decommissioned rather than deleting it. This preserves the audit trail and shows auditors that asset lifecycle management is in place.

Deleting Assets

To remove an asset from the inventory:
  1. Open the asset detail page.
  2. Click Delete and confirm the action.
  3. The asset and its association history are removed.
Deleting an asset also removes its vulnerability associations and compliance history. For audit purposes, it is better to mark assets as decommissioned rather than delete them.

Integration-Synced Assets

Assets discovered through integrations have additional properties:
  • Automatic updates — Details refresh on every integration sync cycle.
  • Source link — A reference back to the asset in the source system.
  • Sync status — Indicates whether the asset was seen in the most recent sync.
If an integration-synced asset is not detected in a subsequent sync, it may indicate the resource was terminated or the integration scope changed. LowerPlane flags these assets for review rather than automatically removing them.

Bulk Operations

Select multiple assets using the checkboxes to perform bulk actions:
  • Assign owner — Set the owner for multiple assets at once
  • Change status — Mark multiple assets as active, inactive, or decommissioned
  • Export — Download a CSV of selected assets for external reporting or audit packages

Asset Inventory as Evidence

Your asset inventory itself serves as compliance evidence. Auditors expect to see:
  • A complete, current inventory of information assets
  • Assigned ownership for each asset
  • Classification or categorization of assets
  • Regular review and update of the inventory
LowerPlane automatically generates asset inventory evidence artifacts during compliance score calculations, ensuring this evidence is always up to date.
The asset inventory contributes to multiple controls across all frameworks. Maintaining an accurate inventory is one of the foundational requirements for any compliance program.