Products
Kensa
CLI compliance engine with 508 rules, 23 remediation mechanisms, and automatic rollback. Scan, remediate, and roll back security configurations over SSH.
OpenWatch
Continuous compliance platform with dashboards, drift detection, adaptive scheduling, and audit-ready evidence. See everything, continuously.
Get started
Install Kensa
Get from zero to your first compliance scan in 10 minutes.
Deploy OpenWatch
Deploy with Docker, Podman, RPM, or from source.
API reference
80+ REST endpoints for automation and integration.
Supported frameworks
Both Kensa and OpenWatch support the following compliance frameworks from a single scan.| Framework | Mapping ID | Description |
|---|---|---|
| CIS RHEL 9 v2.0.0 | cis-rhel9-v2.0.0 | Center for Internet Security Benchmark |
| STIG RHEL 9 V2R7 | stig-rhel9-v2r7 | DISA Security Technical Implementation Guide |
| NIST 800-53 R5 | nist-800-53-r5 | NIST Security Controls |
| PCI-DSS v4.0 | pci-dss-v4.0 | Payment Card Industry Data Security Standard |
| FedRAMP Moderate | fedramp-moderate | Federal Risk and Authorization Management Program |
Community
All documentation is hosted on GitHub. Contributions are welcome.Kensa on GitHub
Source code, issues, and discussions.
OpenWatch on GitHub
Source code, issues, and discussions.