Skip to content

ClosedSSPM

CI CodeQL Go Report Card License Go Version Release OpenSSF Baseline OpenSSF Scorecard

ClosedSSPM is an Open Source SaaS Security Posture Management tool. It audits SaaS platforms for security misconfigurations across ServiceNow, Snowflake, Google Workspace, and Microsoft Entra ID. The scanner identifies risks and provides actionable remediation guidance.

Key Features

  • Multi-platform Support --- Audit ServiceNow, Snowflake, Google Workspace, and Microsoft Entra ID from a single tool.

  • 166 Security Checks --- Comprehensive coverage across supported platforms to identify critical misconfigurations.

  • Policy-as-Code --- Manage and customize security checks using a flexible YAML-based policy engine.

  • Extensive Reporting --- Generate results in HTML, JSON, CSV, and SARIF formats for human review or tool integration.

  • AI-Assisted Analysis --- Integrated MCP server allows AI agents to analyze scan results and suggest fixes.

  • CI/CD Integration --- Official GitHub Action and --fail-on threshold support for automated security gates.

  • Offline Analysis --- Capture snapshots of platform state for later analysis without requiring live access.

  • Automated Audits --- Schedule regular scans to ensure continuous compliance and security posture.

ClosedSSPM HTML Report

Quick Example

Try it out

Configure your environment variables and run a scan against your instance.

export SNOW_INSTANCE=https://mycompany.service-now.com
export SNOW_USERNAME=audit_user
export SNOW_PASSWORD=secret
closedsspm audit --output report.html

Supported Platforms

Platform Security Checks Documentation
ServiceNow 86 checks Platform Details
Snowflake 55 checks Platform Details
Microsoft Entra ID 15 checks Platform Details
Google Workspace 10 checks Platform Details

Get Started

Check the Installation Guide to set up ClosedSSPM and run your first audit.