Apache 2.0
Free. Forever. No Strings Attached.
The core of Stratusec is open source and always will be. Use it, modify it, contribute to it.
What's included
Multi-cloud scanning (AWS, Azure, GCP, K8s)
Basic MCP server (3 tools)
Security graph visualization (Neo4j)
OPA guardrails & policy engine
200+ policy templates
CIS, SOC2, HIPAA, PCI-DSS, NIST mapping
Community support
Apache 2.0 license
Get started
Docker Compose
git clone https://github.com/stratusecai/stratusec cd stratusec && docker compose up -d
Helm
helm repo add stratusec https://charts.stratusec.ai helm install stratusec stratusec/stratusec
How we compare
Stratusec vs other open source cloud security tools.
| Feature | Stratusec | Traditional Scanners | Data Platforms | Query Engines |
|---|---|---|---|---|
| Cloud Providers | AWS, GCP, Azure, K8s | Varies (1–4 providers) | 50+ sources | 140+ plugins |
| AI Integration (MCP) | ||||
| Attack Path Analysis | ||||
| Auto-Remediation | ||||
| Policy Engine | OPA/Rego | Custom / Python | SQL | SQL |
| License | Apache 2.0 | Varies | MPL / Apache | AGPL / Apache |
Join the community
Contribute, get help, and shape the future of cloud security.