Sprinto DashboardAPI Reference

Asset Register

Centralise, track, and classify your infrastructure, devices, code, and people with Sprinto’s unified Asset Register for streamlined compliance and risk assessments.

The Asset Register in Sprinto serves as the central repository for all assets relevant to an organisation's security and compliance posture. It consolidates both automatically discovered assets from integrated systems and manually added assets, enabling complete visibility and tracking of infrastructure, endpoints, codebases, and people across your organisation.

The register is structured into two main categories:

  • Auto-discovered assets: Retrieved through integrations configured in the Security Hub. These include Infrastructure, Staff Devices, Code Repositories, and People.

  • Custom assets: Manually added assets that Sprinto cannot fetch due to integration limitations, such as on-premise servers, CCTV systems, or backup generators.

Together, these asset types support a unified approach to asset-based risk evaluation, compliance monitoring, and evidence collection.

Key Benefits

  • Centralised Asset Inventory: View all assets across cloud, device, human, and software domains in a single interface.

  • Compliance Alignment: Tag assets as In Scope or Out of Scope to map them to relevant compliance requirements.

  • Risk Assessment Foundation: Supports Asset-Based Risk Assessment (ABRA) by identifying risks tied to each asset category.

  • Ownership and Traceability: Assign owners and metadata to each asset to ensure accountability.

  • Bulk Upload Capabilities: Quickly onboard custom assets using a CSV-based upload template.

Sections Within the Asset Register

Section
Description

Auto-discovered

Displays assets retrieved automatically via integrations. Tabs include:

Infrastructure: e.g., EC2, S3, Lambda (from AWS/Azure)

Staff Devices: e.g., employee laptops, enrolled via Dr. Sprinto/Rippling

Code Repos: GitLab, GitHub, Bitbucket, Azure DevOps repositories

People: Staff members with compliance status and roles

Custom assets

Includes manually uploaded assets not supported via integrations.

• Add assets individually or in bulk

• Organise by asset groups

• Add metadata: owner, scope, notes, and classification

Use Cases

Scenario
Description

Compliance audit preparation

Retrieve a full list of production assets for SOC 2, ISO 27001, or GDPR audits

Device scope classification

Tag employee devices as In Scope or Out of Scope for onboarding and offboarding checks

Code repository tracking

View classification and ownership of repos across integrated Git providers

Manual asset tracking

Register on-prem systems, backup generators, and legacy infrastructure manually

Asset-based risk evaluation (ABRA)

Use asset-level visibility to evaluate exposure and prioritise remediation

Bulk onboarding of unmapped assets

Upload multiple assets at once using the bulk CSV template

Ownership visibility for audit trails

Identify asset owners to assign responsibility and streamline incident response

PreviousGlossaryNextHow it Works

Last updated