SimpLE is a technical solution that combines the power of the SIMP Compliance Engine (SCE) with the usability and insights provided by the SIMP Console to give your team a compliance experience like no other.


Visualize System Security

Using the SIMP Console, security personnel are receiving notifications and reports on active findings on a group of hosts, and can immediately see the impact level of a finding on the group. They can then from the same interface notify operations teams and provide them with the list of hosts that are out of compliance, as well as remediation steps that can be added directly to their configuration management system. In addition, it affords organizations options to enforce these remediations or use them to create customized baselines.

Organize and Delegate

Group your systems into folders and view scan results on the group, and delegate access control on a per-folder or per-node basis.

Role-based Access Control

Use the default Roles like Admin and Auditor, or customize your own for fine-grained access control system-wide or per-folder or node.

Built-in integration with Active Directory, vanilla LDAP, or Google Auth. A built-in plugin API for authentication providers can be used to create your own for custom solutions

SIMP Compliance Engine

The SCE is a framework that takes existing compliance and security standards and generates a configuration that is directly applicable to systems. By leveraging Puppet, SCE inspects your applied module parameters and compares them to the values desired or required by policy, optionally forcing Puppet to set those parameters. When used to its fullest potential, SCE creates a Puppet environment where any changes that go against your intended compliance are captured and can be quickly remediated. SCE enables you to enforce compliance, enforce business rules, and enforce enterprise security, all within one powerful engine.

SCE Profiles

The SCE supports both pre-configured and customized profiles. These profiles contain compliance controls or groups of controls that can be applied to the nodes in your infrastructure such as CIS, DISA STIGs, PCI-DSS, etc. Any Puppet module can be mapped with your relevant compliance standard, including custom or business requirements. These mappings are flexible enough to be created by your team or by Puppet Forge module maintainers. Premium profiles can also be created for your organization by Onyx Point, Inc. engineers to use within SimpLE. Any profiles created by Onyx Point come with a guarantee of being tested against all supported compliance standards.

Generate Reports on your posture

Reports can be pulled from your live data at any time, and stored for archival use.

Each Report can be downloaded from the user interface or via curl in PDF, Excel, or HTML format

We work with these Technologies + Partners

puppet
gitlab
simp
beaker
redhat
AFCEA
GitHub
FOSSFeb