That's the part nobody talks about. The fix is always easy. Knowing what to fix, on which machines, and whether fixing it will break something else is where all the time goes.
We had a compliance scanner that found the SSH issue. We had a monitoring tool that knew which servers were running. We had an inventory spreadsheet that was already two weeks stale. None of them knew about each other. The scanner couldn't tell us those same three servers also had unpatched OpenSSL and a cron job running as root that nobody recognized.
I've been doing this for 15 years and the workflow never changes. SSH in, run a command, copy the output, move to the next box. When someone asks "which servers have this package AND this firewall rule AND failed this CIS check?" you spend your afternoon writing bash loops.
OpsFabric makes that a search query. Every detail from every server, packages, services, users, firewall rules, cron jobs, open ports, SCAP results, CVE exposure, all in one place. You can stack filters across all of it. And when you find the problem, you fix it from the same screen. Add a user, close a port, remediate a failed CIS rule, no SSH.
Built on event bus so everything happens in parallel across the fleet. No polling, no waiting.
Free tier will include almost everything. No per-host, no per-seat pricing.
Happy to answer questions about the architecture or anything else.