OpenCTEM CTEM Platform

Continuous Threat Exposure Management Platform

Unified Attack Surface Management & Vulnerability Management

Website | GitHub | Getting Started

Documentation

| Guide | Audience | Description |
|-------|----------|-------------|
| User Guide | Security teams, analysts | How to use the platform day-to-day |
| Admin Guide | DevOps, SRE, admins | Deployment, configuration, operations |
| Developer Guide | Contributors, integrators | Architecture, API, SDK, contributing |

What is OpenCTEM?

OpenCTEM is an enterprise-grade Continuous Threat Exposure Management (CTEM) platform that helps security teams continuously monitor, assess, and remediate security risks across their digital infrastructure.

The CTEM 5-Stage Process

┌─────────────┐    ┌─────────────┐    ┌──────────────────┐    ┌─────────────┐    ┌──────────────┐
│   SCOPING   │───▶│  DISCOVERY  │───▶│  PRIORITIZATION  │───▶│  VALIDATION │───▶│ MOBILIZATION │
│             │    │             │    │                  │    │             │    │              │
│ Define your │    │ Find assets │    │ Rank by risk &   │    │ Verify with │    │ Remediate &  │
│ attack      │    │ & exposures │    │ business impact  │    │ scanning    │    │ track tasks  │
│ surface     │    │             │    │                  │    │             │    │              │
└─────────────┘    └─────────────┘    └──────────────────┘    └─────────────┘    └──────────────┘

Key Features

| Category | Features |
|----------|----------|
| Asset Management | 35+ asset types (Domains, IPs, Certificates, Cloud, Containers, K8s, IAM, Repositories, and more) |
| Vulnerability Management | Findings, CVE tracking, CVSS scoring, SLA policies |
| Scan Management | Agents, Scan Profiles, Pipelines, Tool Categories |
| Multi-tenancy | Teams, Role-based access (Owner/Admin/Member/Viewer) |
| Integrations | SDK for custom tools, Agent for CI/CD, SCM connections |
| Security | JWT/OIDC auth, CSRF protection, audit logging |

Architecture

┌─────────────────────────────────────────────────────────────────────────────┐
│                              OpenCTEM Platform                                │
├─────────────────────────────────────────────────────────────────────────────┤
│                                                                             │
│   ┌─────────────┐    ┌─────────────┐    ┌─────────────┐    ┌─────────────┐ │
│   │   Web UI    │    │   REST API  │    │  Database   │    │    Cache    │ │
│   │  (Next.js)  │───▶│    (Go)     │───▶│ (PostgreSQL)│    │   (Redis)   │ │
│   │  Port 3000  │    │  Port 8080  │    │             │    │             │ │
│   └─────────────┘    └──────┬──────┘    └─────────────┘    └─────────────┘ │
│                             │                                               │
│                             ▼                                               │
│   ┌─────────────────────────────────────────────────────────────────────┐  │
│   │                        Agent / SDK Integration                       │  │
│   │  ┌───────────┐  ┌───────────┐  ┌───────────┐  ┌───────────────────┐ │  │
│   │  │  Semgrep  │  │   Trivy   │  │ Gitleaks  │  │   Custom Tools    │ │  │
│   │  │   (SAST)  │  │   (SCA)   │  │ (Secrets) │  │   (SDK-built)     │ │  │
│   │  └───────────┘  └───────────┘  └───────────┘  └───────────────────┘ │  │
│   └─────────────────────────────────────────────────────────────────────┘  │
│                                                                             │
└─────────────────────────────────────────────────────────────────────────────┘

📚 Documentation

Getting Started

| Guide | Description |
|-------|-------------|
| Quick Start | Get up and running in 10 minutes |
| First Scan | Run your first security scan |
| Configuration | Environment variables |

Guides

| Guide | Description |
|-------|-------------|
| Authentication | Login flow, JWT, sessions |
| Multi-tenancy | Teams, tenant switching |
| Permissions | Role-based access control |
| Notification Integrations | Slack, Teams, Telegram, Email alerts |
| Running Agents | Setup and run scanning agents |
| SDK Development | Build custom scanners |
| Building Ingestion Tools | Custom data collectors |

Architecture

| Document | Description |
|----------|-------------|
| Overview | System design |
| Deployment Modes | Standalone, distributed |
| Server-Agent Communication | Command & control |
| Agent Key Management | API keys, registration tokens |
| Scan Pipeline Design | Workflow execution |
| Notification System | Real-time alerts, async patterns |

Security

| Document | Description |
|----------|-------------|
| Security Guide | Security features and best practices |
| Agent Configuration | Secure agent configuration |

Reference

| Document | Description |
|----------|-------------|
| API Reference | Complete API endpoints |
| CTIS Schema | CTEM Ingest Schema |

Operations

| Document | Description |
|----------|-------------|
| Troubleshooting | Common issues |
| Docker Deployment | Container deployment |

🚀 Quick Start

# Clone repository
git clone https://github.com/openctemio/openctem.git
cd openctem

# Configure
cd api && cp .env.example .env && cd ..
cd ui && cp .env.example .env.local && cd ..

# Start with Docker
docker compose up -d

| Service | Local | Production |
|---------|-------|------------|
| Frontend | http://localhost:3000 | https://your-domain.com |
| Backend API | http://localhost:8080 | https://api.your-domain.com |
| API Docs | http://localhost:8080/docs | https://api.your-domain.com/docs |

🛠 Tech Stack

| Component | Technologies |
|-----------|--------------|
| Backend | Go 1.26, Chi Router, PostgreSQL 17, Redis 7 |
| Frontend | Next.js 16, React 19, TypeScript, Tailwind 4 |
| Auth | JWT (local) / Keycloak (OIDC) |
| SDK | Go SDK with Scanner/Parser/Collector interfaces |

📦 Repositories

| Repository | Description |
|------------|-------------|
| api | Backend REST API (Go) |
| ui | Frontend Application (Next.js) |
| sdk | Go SDK for building tools |
| agent | Security scanning agent |
| setup | Deployment & Docker Compose |
| schemas | CTIS JSON Schemas |
| keycloak | Keycloak Configuration |
| docs | Documentation (this repo) |

🤝 Contributing

We welcome contributions! Please see:


💖 Support

If you find OpenCTEM useful, consider supporting the project:

BSC Network (BEP-20):

0x97f0891b4a682904a78e6Bc854a58819Ea972454

📧 Contact


📄 License

GPL License - see LICENSE
