Product Features Comparison

Below you will find a list of our products and features compared with the Open Source and Professional versions.

Request an Evaluation License to test this locally yourself. Or Contact Us with your number of system packages to track, operating system, and number of installations so we can get you a price quote quickly.



Feature OpenRMF OSS OpenRMF Professional
System Packages
Role Based Access Control by System Package
Track RMF System Packages
Track FedRAMP System Packages
Uploading SCAP Scans and Checklists
POA&M List, Edit, Report *
POA&M Mitigation Statement Management
Milestone Management
Automatically Track POA&M Changes
Team Notifications
Compliance Generation (Major Controls)
Compliance Generation (to Sub-Control Level)
Tailored NIST Controls
Compliance Overlays
System Security Plan Control Vulnerability Matrix
Test Plan Summary *
Bulk Edit Vulnerabilities
Bulk Lock Vulnerabilities
PowerPoint Summary Download
Team Subpackages
Group Checklists into Teams for viewing / editing
Group Hardware Devices into Teams for viewing / editing
Upload Patch Scans (*.nessus) for allowed Hardware Devices
Update Checklists / Upload SCAP scans for allowed Checklists
Checklists
Edit / Upgrade Checklist
Track Checklist Changes
Track Checklist Item Numbers over Time
Specify Non-Host-Related Checklist
Add Tags for Listing and Filtering
Patch Management
Uploading Single Nessus Patch File
Uploading Multiple Nessus Patch Files
Track Nessus Patch Vulnerabilities
Track Open Patch Vulnerability Numbers over Time
Ports, Protocols, Services Management
Automated Hardware Listing
Add Hardware/Device Tags for Listing and Filtering
Automated Software Listing
Templates
Upload new DISA Checklists
Templating Engine for Checklists
Custom Checklist Template Creation and Tracking
Lock Vulnerabilities from Edits
Specify Non-Host-Related Template
Authentication
Login via Username / Password
Login via CAC, PIV, ECA or client certificate
Login via Windows Active Directory or LDAP
Training
User Training ****
Administrator Training ****
General
Setup via Docker or Kubernetes
OVA (Virtual Machine) images
Auditing **
Support ***
Integrated Logging
Licensing

* Export to MS Excel only
** Auditing of create, update, delete only; not read access
*** Support is only by Slack, GitHub, Email as time is available
**** Pricing per student