"It hasn't crashed yet"
doesn't mean it's fine.
It means nobody's looked.
AIXray looks. A senior engineer runs our read-only assessment engine on one system you choose — 60+ checks across nine categories, from support-cliff exposure to CVE currency to whether your backups would actually restore — and walks you through exactly where that system stands. Free. Yours to keep. Nothing installed, nothing changed, nothing leaves your environment.
Your risk exposure, in writing.
One afternoon and "we think it's fine" becomes a written, severity-ordered list you can act on with anyone — your own team, another vendor, or us. There is no catch and no gate: no card, no obligation, and the deliverables are complete, not a teaser.
- The posture report — every finding with what was observed, what it means, and how to fix it, scored red/amber/green.
- The compliance view — findings mapped to the controls your examiner tests (DISA STIG-based, with FFIEC and HIPAA views).
- The executive summary — one page, business language, the version a manager takes upstairs.
- A full written plan for that system — what to fix, in what order — the same format and rigor as our paid estate Blueprint.
Built the way AIX people would build it.
A single ksh88 file, zero dependencies, no network calls, read-only — you can read every line before it runs. It installs nothing, changes nothing, and sends nothing anywhere. The report is written on your system; you decide what to share.
It runs under AIX's own /bin/sh — no bash, Python, or GNU tools required — on AIX 7.2 and 7.3, and on VIOS. The kind of thing a cautious admin can vet in an afternoon and trust on a production box.
AIXray reports are written the way we run the service: no black boxes, findings you can read and verify.
- Read-only, always. It inspects and reports — it changes, installs, and restarts nothing.
- No network calls, ever. All reference data is embedded; the report never leaves your box unless you send it.
- One inspectable file. Plain ksh88 — no compiled blobs, no fetches. Read it before you run it.
- Least privilege. Elevated reads are documented; an unprivileged run degrades loudly, never silently.
Nine categories, 60+ checks.
The same ground a senior engineer covers on a first look at a system — lifecycle to monitoring, in one read-only pass.
Lifecycle & support
AIX, VIOS, firmware, and hardware generation against their end-of-support dates.
Patch & vulnerability currency
How far behind the build is, ifix state, and exposure to disclosed CVEs (FLRT-equivalent).
Storage & capacity
Filesystem and inode headroom, paging, volume-group free space, mirror and MPIO path health.
Performance & sizing
LPAR CPU entitlement, memory composition, and JFS2/LVM buffer pressure since boot.
Errors & events
errpt and the logs read for recurring, hardware, and pre-failure signatures.
Availability & resilience
mksysb backup evidence, rootvg redundancy, and dump-device readiness.
Security & hardening
SSH and cipher strength, root and account policy, audit, and DISA STIG rule families.
Config hygiene
Time sync, DNS, default route, kernel tunables, and host self-resolution.
Monitoring & operational readiness
Monitoring agent, remote syslog, error notification, and scheduled backups.
One scan, three ways to read it.
Every finding, explained
Each check with what was observed, what it means, and how to fix it — scored red, amber, or green and rolled up by category.
Control-by-control
A DISA STIG-based control status with observed evidence and an honest automation-coverage note — plus an FFIEC view for credit unions.
One page for leadership
The score, the category bars, and the top risks in business language — no jargon, no command output.
| Category | Result | Verdict |
|---|---|---|
| A. Lifecycle & support | 3 pass · 1 warn · 0 fail | AMBER |
| B. Patch & vulnerability currency | 8 pass · 0 warn · 0 fail | GREEN |
| C. Storage & capacity | 16 pass · 0 warn · 1 fail | RED |
| D. Performance & sizing | 8 pass · 2 warn · 0 fail | AMBER |
| E. Errors & events | 7 pass · 2 warn · 0 fail | AMBER |
| F. Availability & resilience | 2 pass · 2 warn · 1 fail | RED |
| G. Security & hardening | 13 pass · 5 warn · 5 fail | RED |
| H. Config hygiene | 3 pass · 2 warn · 1 fail | RED |
| I. Monitoring & operational readiness | 2 pass · 3 warn · 0 fail | AMBER |
Real output from a sanitized AIX 7.3 LPAR. View the full sample report →
Today, we run it for you.
The free assessment is done-for-you: a senior engineer runs AIXray on one system you choose and walks you through the results. Nothing to install, nothing to learn — you get the report and the plan. Start with a free assessment →
We're preparing AIXray for an open-source release — the same engine, yours to run and read. It is in preparation, not available yet. If you'd like to know when it ships, say so in the assessment form and we'll tell you.
- It's the honest version of what we do. The same first look our managed service starts with, run once on one system.
- You don't have to run it yourself. A senior engineer runs it and reads it with you.
- No obligation. The findings and the stepped plan are yours to keep, whether or not you ever hire us.
One system is a snapshot. The path is optional — and priced in the open.
Most people stop at the free assessment and act on the plan themselves. If you want more, each next step is a separate, plainly-priced decision:
PowerTrue Blueprint
The same assessment and planning across your whole estate — per-system condition, sequence, and price. A low-cost engagement, 100% credited if you proceed within 90 days.
PowerTrue Fortify
The program that works the plan: your systems brought current, hardened, and documented — priced by measured condition, finished against a frozen punch-list, proven by an AIXray re-run.
PowerTrue Refresh
When fixing in place isn't worth it: a new, current, hardened Power environment we build and run — your team moves your applications onto it, on your timeline.
PowerTrue Bulwark
The ongoing managed service that keeps everything at the standard — so nobody ever has to say "it hasn't crashed yet" about your systems again.
Full detail on every stage: how it works →
Find out what's actually true about one of your systems.
Pick one system; a senior engineer runs AIXray on it and walks you through what's red, what's amber, and the order we'd fix it. Free, no obligation — and everything we find is yours to keep.