Services

Engineer-led compliance services backed by the tools we build

We use our own open-source tools (Kensa + OpenWatch) to deliver results in days that traditionally take weeks. Every engagement delivers structured evidence, automation that compounds, and tooling you own.

Compliance Assessment

$3K - $8K

Your actual posture, documented and defensible — in days, not weeks.

  • 508 automated compliance checks per host
  • Structured evidence per finding (command, output, expected vs. actual, timestamp)
  • Multi-framework mapping in a single report (STIG, CIS, NIST 800-53, PCI-DSS, FedRAMP)
  • Exportable as JSON, CSV, or PDF
Get Started

CMMC Readiness Package

Contact us

Know where you stand before your assessor does.

  • Gap analysis mapped to CMMC Level 2 controls
  • Automated remediation with rollback safety
  • Evidence package formatted for C3PAO review
  • Prioritized remediation roadmap for remaining findings
Get Started

Compliance Automation Deployment

Contact us

Stop rebuilding evidence every cycle. Build the system once.

  • OpenWatch platform deployed (Docker, Podman, or bare metal)
  • Kensa rules configured for your frameworks and environment
  • Adaptive scheduling (healthy every 15 min, degraded every 5, critical every 2)
  • Drift detection and alerting configured
  • Team training and handoff
Get Started

Continuous Monitoring Setup

Contact us

Satisfy FedRAMP ConMon and FISMA requirements with real data, not narrative.

  • Everything in Compliance Automation Deployment, plus:
  • Exception management workflows (request, approve, time-limit, revoke)
  • Temporal compliance queries ("What was our posture on date X?")
  • Audit query builder with saved queries for recurring requests
  • RBAC configured for your team structure
  • Assessor-facing dashboard views
Get Started
Every Engagement

What You Get

Structured evidence

Your assessor can independently verify it — not screenshots, not narratives.

Automation that compounds

The second assessment is cheaper than the first.

Tooling you own

Open source, no vendor lock-in, no license keys holding your data.

Knowledge transfer

Your team operates the system after we leave.

Comparison

How We Compare

HanalyxBig 4 ConsultantsEnterprise Tools
ApproachEngineer-led, tooling-poweredConsultant-driven, report-heavyLicense-driven, agent-based
RemediationAutomated with rollbackRecommendations on paperNone or basic scripts
EvidenceMachine-verifiable, structuredScreenshots and narrativesProprietary formats
After engagementYou own the system and can operate itYou own a reportYou own a subscription
Typical costStarting at $3K$50K - $200K$50K+/year
Free Assessment

Not sure where you stand?

We'll scan one of your non-production systems at no cost and walk you through the results. No commitment. No sales pitch. Just your actual compliance posture, documented.

Schedule a free assessment