The Hanalyx Journal

Field notes from production.

Built for agents
/blog/llms.txtagent index/blog/feed.jsonstructured feedJSON-LDstructured dataCopy as Markdownsoon
TutorialsFeatured

How to scan a Linux host for compliance

Scan a Linux host for CIS/STIG compliance over SSH with Kensa. Nothing is installed on the target: agentless, read-only, safe for production, and verifiable.

Remylus RacineJul 8, 20265 min read
Tutorials

How to configure Kensa once so daily scans need almost no flags

Configure Kensa's rules directory, policy variables, host inventory, and results database once so everyday check and remediate commands need almost no flags.

Jul 8, 20266 min read
Compliance

Why you maintain twelve codebases to enforce two frameworks

Two frameworks, twelve codebases. Why compliance automation drifts and falls 6-18 months behind every new OS, and the design decision underneath all of it.

Jul 5, 20266 min read
Industry Insights

The pain of technical compliance isn't the rules. It's the evidence.

The hard part of technical compliance isn't the controls. It's proving you stayed compliant between scans, with evidence captured at the change.

Jun 29, 20266 min read
Industry Insights

OpenWatch: The Open-Source Compliance Operating System for Federal Infrastructure

Continuous compliance posture, temporal queries, drift detection, governance workflows, and audit-ready evidence. Open source. Deploy in 10 minutes.

Mar 5, 202610 min read
Industry Insights

Why I Built Kensa: Open-Source STIG Compliance Automation

After 12 years in federal IT — Army, FBI, DHS, DoD — I built the compliance engine I wished existed. 508 rules, automatic rollback, structured evidence. Open source.

Mar 2, 20267 min read
U
Security

Understanding STIG Drift: Why Federal Systems Lose Compliance

STIG drift isn’t random. It’s driven by vendor updates, day-to-day admin operations, and frequent DISA benchmark changes. This guide explains the mechanics behind the 30–45 day drift cycle and how continuous compliance tools can track changes before findings pile up.

Nov 14, 20254 min read
Compliance

What is SCAP and Why It Matters for Federal Agencies

Learn what SCAP (Security Content Automation Protocol) is, why it matters for federal agencies, and how automation speeds audits and ATO timelines.

Oct 2, 20253 min read
Compliance

Security vs. Compliance: Why the Difference Matters for Your Business

Learn the difference between security and compliance, why both matter, and how businesses avoid costly fines, breaches, and inefficiency.

Sep 27, 20255 min read