Welcome to OpenSCM
OpenSCM (Open Security Compliance Manager) is a self-hosted, privacy-first security compliance platform built in Rust.
Unlike traditional compliance tools that collect and centralize sensitive system data,
OpenSCM agents execute tests locally and only report PASS, FAIL, or NA — your
configuration files, user data, and system details never leave your network.
Getting Started
New to OpenSCM? Start here:
- Architecture --- Understand the security model, handshake protocol, and privacy architecture.
- Installation --- Install the server and agent on your infrastructure in minutes.
- Configuration --- Configure the server and agents for your environment.
- User Guide --- Learn how to create tests, build policies, and generate compliance reports.
How It Works
1. Install scmserver → Central dashboard and policy management
2. Install scmclient → Agent on every system to monitor
3. Define tests → What to check (files, packages, ports, users...)
4. Build policies → Group tests and assign to system groups
5. Run or schedule → Agents execute locally, report PASS/FAIL/NA
6. Review reports → Dashboard, PDF evidence, compliance scores
License
| Component | License |
|---|---|
| Server & Dashboard | FSL-1.1-ALv2 — converts to Apache 2.0 after 2 years |
| Client Agent | Apache 2.0 — no restrictions |