See It, Control It

Governance, or Cloud Governance, refers to the rules, policies, and procedures that help organizations manage and optimize cloud services.

A Governance Framework provides a structured approach to applying these guidelines across the organization, ensuring compliance, security, and cost-efficiency.

For instance, if your app uses AWS S3 or Google Blob for storing documents, the framework dictates encryption, lifecycle management, and tagging policies to apply. You may also need approval via GitHub or JIRA before production deployment, depending on team requirements.

Governance frameworks optimize costs, reduce waste, enhance security, improve reliability, and ensure compliance.

Note: "Governance" and "Cloud Governance" are used interchangeably on our platform.

Open Governance is an open-source project that streamlines governance across multiple cloud providers providers, platforms, and tools with a vendor-neutral policy language.

It offers comprehensive visibility, risk assessment, and policy definition frameworks to tackle governance challenges and conduct compliance audits.

The product is available in both the Community Edition, which is open source, and the Enterprise Edition, featuring over 50+ security, operational, and best practices policy frameworks, along with the capability to inspect numerous assets and attributes.

OpenGovernance is designed for Engineering, DevOps, and Security teams to simplify their workflows.

Visibility: Consolidates visibility of cloud assets, identities, configurations, repositories, and incidents across more than 50 cloud providers and tools, enhancing management and oversight.

Improve Security: Audit against recognized security frameworks such as CIS, NIST CSF, Cloud Security Alliance (CSA), FedRAMP, and more. Captures evidence and tracks drifts.

Audit for Best Practices: Assesses cloud workloads against the Well-Architected Frameworks to identify reliability gaps in data, network, application, and cloud compliance. Ensures infrastructure alignment with vendor-recommended best practices to boost efficiency, security, and reliability.

The Community Edition is open-source and licensed under the Elastic License V2. It includes three connectors: AWS, Azure, and Entra ID (Azure AD). While limited to these three connectors, there are no restrictions on the number of integrations you can create within them.

There is no support and SLAs available for Community Edition.

Under the Elastic License V2, you can't resell, repackage, or offer the software or any derivative works as a service without explicit permission. You are free to use it internally without any limits.

The Enterprise Edition on your own infrastructure or as SaaS, supporting over 50 tools and platforms like GitHub, GitLab, Snyk, and CloudFlare. It retains audit history across major upgrades, which occur every six months.

Both Managed and SaaS hosted options are available for the Enterprise Edition, with the Managed option ensuring data remains with the customer. 

Steampipe is an open-source tool that turns your cloud infrastructure into a queryable database. Use familiar SQL to explore and analyze your cloud environment in real-time. Think of it as a developer-friendly, always up-to-date catalog of everything in your cloud.

OpenGovernance takes Steampipe's power further, adding a layer of governance and control. We enable you to save query history, visualize results in dashboards, manage policies across multiple accounts, and collaborate with your team - all within an intuitive UI.

We also extend Steampipe's vendor-agnostic SQL-based language to seamlessly integrate with over 50+ DevOps, Cloud, Kubernetes, Identity Providers, and other platforms and tools. It's like Steampipe, supercharged for security, compliance, and operational excellence.