OpsBlip is operational asset lifecycle management for DevOps, IT, and agencies: expirations, notice windows, ownership, and public-surface drift — not just uptime. One workspace, no agents.
50 objects · 10 endpoints · Weekly scans · Alerts, reminders, digest, flows, analytics · Free forever (not a trial)
Let's Encrypt wildcard
Expired 3 days ago
Cloudflare annual contract
Non-renewal window opens this week
api.northwind.io
NS drift detected from baseline
status.northwind.io
New certificate, approval needed
deploy.northwind.io
Banner changed after maintenance
Three steps for teams who need expirations, drift, and ownership in one place — built for real infrastructure portfolios, not toy monitors.
Track 22 object kinds (domains, DNS, certificates, servers, databases, containers, cloud accounts, and more) with auto-renew, notice periods, and criticality. Bulk in via CSV; export columns you need. Verify your org domain to unlock onboarding and sensitive workflows.
Attach HTTPS, DNS, SSH, and TCP checks. Weekly scans compare results to approved baselines so drift surfaces as severity-based findings — no agents or firewall holes.
Email rules, in-app repeating reminders, drift notifications, and a weekly digest. Pair with flowchart runbooks for renewals, drift, and incidents while the dashboard keeps risk, renewals, and the operations inbox in view.
Built for DevOps, IT, and agencies managing real infrastructure — deadlines, ownership, public-surface drift, and the workflows around them.
Everything that expires or needs attention is front and center.
Public endpoint checks for expiry, hostname mismatch, chain changes, and drift versus an approved baseline.
Watch A, AAAA, CNAME, MX, NS, and TXT for unauthorized changes, with nameserver sync validation across providers.
Approve known-good state, then let scans surface drift. Use flowchart-style runbooks for incident response and renewal.
Severity-based findings with remediation tracking: acknowledge, resolve, snooze, or assign.
Email rules, in-app reminders, deadline alerts, drift notifications, and a weekly digest.
22 asset kinds: domains, DNS, certificates, servers, databases, containers, cloud accounts, and more.
Full activity history with filtering. Actor and timestamp on every entry.
Customizable charts with forecasting, period comparison, drilldowns, and resizable widgets.
Bulk import with duplicate detection. Configurable column export, formula-safe.
Authenticator-app codes, active session management, and recovery codes.
In-app support tickets plus admin portal for multi-org oversight.
Prove domain control before enabling sensitive workflows.
External checks against public endpoints: approve a baseline, scan on a schedule, and let drift show up as findings with alerts, digest, and runbooks — no agents or inbound firewall rules.
OpsBlip focuses on operational lifecycle and public-surface drift; deeper synthetic transactions, browser journeys, and vuln scanning are natural extensions as the product grows.
Start with a real free workspace now. Planned tiers add shared ownership, routing, and audit workflows when they launch.
Compare subscriptions in detailFor one real portfolio with one accountable owner. No credit card needed.
Launch pricing preview - final price confirmed at GA.
For small ops teams that need shared ownership, faster scans, and routing.
Launch pricing preview - final price confirmed at GA.
For broader access control, auditability, and higher-scale deadline coverage.
Free is live and ready today. Pro and Team are coming soon — join the waitlist to get early access and launch pricing.
Features
$0 forever
$29/user/month
$99/month
Object & endpoint tracking
Domains, certificates, contracts, APIs
Finding detection
Drift, expiry, and compliance alerts
Tracked objects
Public endpoints
Workspace members
Scheduled scan cadence
Manual rescans
Scan windows / maintenance holds
Pause scanner starts during defined maintenance periods
Email alerts
External alert recipients
Slack & webhook alerts
Resolution flows
Flow complexity
Analytics & reports
Deep Research AI
AI-powered summary & recommendations
Data history retention
API access tokens
Audit log export
Advanced RBAC
Custom roles & permissions
SAML SSO
$0 forever
Database-enforced tenancy, TOTP and session controls, encrypted scanner jobs, and a filterable audit timeline — baseline expectations for production operations data.
PostgreSQL RLS enforces tenant isolation in the database. Cross-org reads and writes are blocked by design so each workspace stays private.
Time-based one-time codes from your authenticator app, recovery codes for lockouts, full session management, and password reset — not optional hardening, just how sign-in works.
The in-app timeline captures object edits, endpoint and scan activity, imports, security events, and more with actor identity and timestamps for investigations and compliance-style review.
Monitoring originates from our scanner toward public targets only. No daemons on servers, no inbound holes, and a smaller blast radius than traditional inside-the-VPC agents.
Only public-routable targets are accepted. Loopback, private, link-local, and multicast destinations are rejected before a job ever leaves the queue.
Scanner traffic uses TLS, mutual authentication where applicable, pinned internal CAs, and short-lived signed job tokens so jobs are tamper-resistant end to end.
The free tier is built to run real portfolios: objects, endpoints, dashboard signal, imports, alerts, digest, and reminders — move to larger launch tiers when they go live, not because the starter tier expired.
Attach TLS endpoints on the free tier: expiry, chain, hostname alignment, and drift versus an approved baseline — same findings pipeline as paid workspaces, with weekly scans.
Risk cards, renewal timeline, vendor heatmap, workload, ownership coverage, scan freshness, decision queue, and operations inbox — a genuinely useful free tier, not a time-limited trial.
Bring your spreadsheet: import objects in bulk with duplicate detection, then export with configurable columns for finance, ITSM, or auditors — available on the free plan.
Yes. Free includes 50 objects, 10 public endpoints, weekly scans, email alerts, repeating in-app reminders, the weekly digest, dashboard views, CSV import, configurable export, timeline, flows, analytics widgets, customizable email templates, support tickets, and 30-day history. No credit card and no trial countdown - it is meant to stay useful for real teams, not expire as a teaser.
Objects are operational assets you track across 22 kinds: domains, DNS zones, mail domains, certificates, servers, databases, containers, cloud accounts, APIs, storage, contracts, licenses, warranties, and more. Each supports deadlines, auto-renew flags, notice periods, criticality, and an accountable owner, and can have HTTPS, DNS, SSH, or TCP endpoints attached for drift monitoring.
HTTPS/TLS (expiry, chain, hostname mismatch, drift vs baseline), DNS (A, AAAA, CNAME, MX, NS, TXT with nameserver sync checks), SSH banners, and TCP port reachability. Scans run from our external scanner; you approve baselines so only meaningful drift becomes severity-based findings with remediation tracking.
Configure email rules for deadlines, drift, and other signals; add in-app repeating reminders and deadline alerts; and send a weekly digest so quieter issues still surface. Notification copy can follow customizable email templates, and free plans still support a small number of external recipients who do not need user seats.
Flows are flowchart-style runbooks inside the product for repeatable work: incident response, certificate renewal, domain renewal, and endpoint drift. They complement the dashboard and findings queue so teams execute the same steps when something crosses from signal to action.
A dedicated analytics area with customizable charts, forecasting, period-over-period comparison, drilldowns, and resizable widgets so you can explore risk and operational trends without exporting everything to a BI tool first.
After the first successful scan, you can approve a snapshot as the known-good baseline. Later scans compare to that approved state; drift drives findings and notifications instead of noise on every cosmetic diff.
Yes. Free plans include one external email recipient so finance, legal, or domain owners can receive deadline or drift mail without full user seats. Higher tiers expand routing and limits as they ship.
No. Monitoring is external to your public endpoints. That keeps firewall posture simple and aligns OpsBlip with lifecycle and drift use cases rather than inside-the-network instrumentation.
Workspaces can open in-app support tickets. Platform operators get an admin portal for multi-organization management: announcements, user lifecycle, recovery assistance, audit logs, and operational charts.
Pro and Team are planned but not yet generally available. Join the pricing waitlist to influence priority. Expect higher limits, faster scan cadence, richer alert routing, shared ownership models, and Team-grade audit controls as those tiers ship. API access and SSO remain planned work, not current MVP functionality.
Yes. CSV import creates or updates objects with duplicate detection. Export lets you choose columns and remains formula-injection safe for Excel or Google Sheets, so finance and auditors can keep working in familiar tools.
Spin up a free workspace in minutes: import assets, wire up HTTPS, DNS, SSH, or TCP checks, and let the dashboard, findings, flows, alerts, and timeline carry you from signal to action.
Free tier built to stay useful · No credit card · Cancel anytime
OpsBlip is free and community-driven. If it saves your team time, consider a donation to the project jar. Every contribution helps keep the lights on.
Donate via Mono Jar