Features
Rudder is an infrastructure security automation platform for managing and securing IT systems on-premises or in the cloud. With its powerful features and its graphical interface, Rudder makes it effortless to audit and ensure your security posture, facilitating IT team operations.
Main features
Check/enforce mode
Audit configurations and settings only, or correct them continuously. Define modes at the global, system or configuration level.
Live dashboards
Quickly monitor the health of your IT environment and share it with other teams.
Rudder score
Easily understand and visualize the health of your systems by aggregating Rudder components into an overall score.
Real-time insights
Gain real-time security and compliance, providing clear visibility into your infrastructure and enabling fast, informed security decisions at scale.
Dynamic groups
Create dynamic groups based on inventory and data criterias. Each new machine will be automatically classified.
Multiplatform agents
Centralize all the management of your systems. Agents work for Linux, Windows, Raspberry Pi, Solaris.
API-based design
Driven by API, Rudder integrates perfectly with your IT environment and workflows. With the API, you can also create specific reports or interfaces. It's a powerful tool for DevSecOps teams.
Patch and vulnerability management
System updates
Check and ensure your systems and applications have the latest update installed. Apply patches if necessary.
CVE assessment
Continuously detect vulnerabilities in your systems. And get detailed information to properly remediate them.
CVE remediation
Create a patch campaign directly from a vulnerability, for quick remediation.
Patch campaigns
Simply create and plan your multi-OS patch campaigns with many options as recurrence, restart/reboot option... Campaign events are then created and run automatically.
Micropatching
Create and run patch campaigns targeting specific packages. In this way, you can quickly remediate critical vulnerabilities on your systems and limit security risks.
Patch reports
Monitor past event campaigns and their results. You have continuous visibility into patch management.
CVE reports
Get reports on CVEs through the API. You can filter CVE before exporting them. This gives you more accurate and easier-to-understand results.
Policy and benchmark compliance
Pre-defined benchmarks
Quickly deploy ready-to-use benchmark, packages, such as CIS, with the flexibility to fine-tune parameters according to the constraints of your IT infrastructure.
Continuous audit
Managed systems are checked autonomously every 5 minutes by agents to ensure their compliance.
Benchmark results
Get clear reports, including a score for each benchmark, which you can easily share within your organization.
Custom security policies
Easily create and customize security policies through a user-friendly interface. You can manage internal security policies of your organizations, standards (ISO 27001, PCI-DSS…) and system hardening.
Audit security standards
Audit security standards with Rudder such as CIS benchmarks, SecNumCloud, etc. And check system compliance.
OpenSCAP audit
Automatically trigger OpenSCAP audits, then collect and make the results available directly in Rudder interface.
Security configuration management
Configuration builder
Easily create configurations through a user-friendly interface. Switch the YAML builder in one click.
Modular configurations
Create your own configuration modules for simplified configuration management. And build complex components that can be easily reused by others.
Declarative configurations
Define the desired state of your infrastructure through your configurations. No need to think about how to reach it, Rudder does it for you.
Hierarchical data management
Manage exceptions in your systems by associating data with an instance, a node or a group; fine-tune merge and override policies; and view computed values.
Drift management
Anomaly detection and remediation with self-healing (within 5 minutes).
System provisioning
Go from a minimal OS installation to a fully configured system in minutes. Rudder takes care of customizing the installation to suit your needs.
Continuous deployment
Achieve continuous deployments for applications, configurations, files, scripts, registered keys… That easily integrates with CI/CD stacks.
Progressive rollout
Create new configurations and deploy them step by step over your infrastructure.
Control and visibility
Complete inventory
Get a comprehensive inventory of all managed systems. The inventory is extendable and runs nightly and can be easily synchronized with other tools such as CMDB.
Full configuration versioning
Track every configuration changes through versioning. Each version allows audit, control and rollback management.
Technical feedback
Investigate configuration issues from high level overview to detailed logging of each node.
Activity logs
Get visibility of every change applied to configurations. Everything is tracked and logged.
Scalability and performance
Lightweight agent
Keep the best performance: agents check hundreds of components in seconds while using only a few MB to run.
Disconnected agent
Manage your infrastructure at any time. Agents are network-proof and can continue to audit and enforce configurations without connecting to the Rudder server.
High availability
Always maintain high availability thanks to a replica Rudder server in standby mode that can be spinned up in minutes.
Relay servers
Connect remote networks to Rudder server and enhance connectivity of unreliable networks.
Resilient communication protocols
Manage infrastructure with minimal network flows and pull-based distribution.
Teamwork
External authentication
Use your company directory with AD, LDAP and SSO to connect to Rudder.
User rights management
Manage users access to the interface with different roles that you can customize. Users also get a personal API token to automate actions.
Multi-tenant
Give access only to a subset of systems, may it be a customer or a specific environment.
Change requests
Have a coworker or a peer review your change before deploying it to production.
Customizable interface
Customize the user interface with your own custom theme.