A system and method for near-real time inspection of a computing environment for a cybersecurity object is presented. The method includes: continuously receiving a plurality of event records, each event record having an event type, and corresponding to an event in the computing environment; detecting in the plurality of event records, an event record of a first type; parsing the event record of the first type to detect a resource identifier, wherein the resource identifier corresponds to a resource deployed in the computing environment; initiating inspection of the resource for a cybersecurity object; and initiating a mitigation action in the computing environment, in response to detecting the cybersecurity object on the resource.