v1.0 Launching March 2026

Endpoint compliance,
open source.

CIPHER is a free, open-source platform that continuously inspects your Windows fleet against industry security frameworks—giving you real-time hardening scores, actionable findings, and audit-ready reports.

Star on GitHub Try the Live Demo

Free & open source  ·  Apache 2.0 License  ·  Self-hosted  ·  No telemetry

Features

Everything you need to secure your fleet

A lightweight agent and a powerful dashboard—no complex infrastructure required.

Continuous Compliance

Agents report every 30 minutes. Your compliance posture is always current—not a point-in-time snapshot from last quarter's audit.

Windows Hardening Baselines

Pre-built profiles for Windows 10, 11, Server 2019 & 2022 check 50+ settings including Credential Guard, BitLocker, UAC, and SMB signing.

Custom Scans

Define scan definitions in JSON, XML, or YAML. Include PowerShell scripts and dispatch them to individual agents, groups, or the entire fleet.

Alerting & Webhooks

Get notified the moment an agent goes offline, AV is disabled, or compliance drops below your threshold. Push alerts to Slack, Teams, or any webhook endpoint.

Asset & Software Inventory

Full visibility into every endpoint: OS version, IP, AV status, firewall state, and installed software. Search, filter, and export to CSV.

Trend Tracking

30-day score trend charts show whether your fleet is getting more secure over time. Track baseline scores and compliance scores side-by-side.

Agent Groups

Organize endpoints into groups—Servers, Workstations, by office—and view per-group compliance breakdowns. Target scans and tasks by group.

LDAP & Local Auth

Authenticate against Active Directory or manage local users. AD users are auto-provisioned on first login. Role-based access with Admin and Viewer roles.

One-Click Deployment

Upload agent packages to the server and distribute them with a linking key. Agents self-register on first heartbeat—no manual enrollment required.

Open Source

Built in the open.
Free forever.

CIPHER is released under the Apache 2.0 license. No vendor lock-in, no usage limits, no "enterprise tier" behind a paywall. You own your data and your deployment.

  • Full source code on GitHub
  • Zero telemetry — no data leaves your network
  • Self-hosted on your own infrastructure
  • Community-driven roadmap & contributions welcome
View on GitHub

How It Works

Up and running in three steps

No cloud dependencies, no SaaS subscriptions. Run CIPHER on your own server.

Deploy the Server

Run the ASP.NET Core server on any Windows or Linux machine. Uses SQLite by default—no external database to manage.

Install the Agent

Deploy the lightweight Windows service to your endpoints. Point it at your server URL and linking key. Agents self-register on first heartbeat.

Review & Report

Open the dashboard and see your fleet's compliance posture instantly. Drill into per-agent findings, export CSV reports, and set up alerts.

Coming Soon

Version 1.0 — End of March 2026

The first stable release is almost here. Five compliance frameworks, Windows hardening baselines, custom scans, alerting, and a production-ready dashboard—all open source from day one.

Watch the Repo Preview the Demo
Live Demo

See CIPHER in action

Explore a fully populated dashboard with 15 agents, realistic compliance data, and 30 days of trend history. No sign-up required.

Launch Demo Read the Docs

Demo credentials: admin / Admin123!  ·  Read-only — modifications are disabled.