Open Source

We believe security infrastructure should be open. MatrixPlus open-source projects are auditable, extensible, and free of vendor lock-in.

github.com/matrixplusio →

Cloud Workload Protection Open source

mxsec-platform

Cloud Workload Protection Platform (CWPP)

License: AGPL-3.0 (Community) · Commercial (Enterprise)
Languages: Go · TypeScript
Category: CWPP / cloud-native security

GitHub repo Product page →

mxsec-platform is a Cloud Workload Protection Platform for the cloud-native era — unified protection across hosts, containers, and Kubernetes. The Community Edition is fully open source — auditable and extensible. The Enterprise Edition targets production-scale customers with high availability, multi-tenancy, and SLA support.

▸ Unified protection across hosts, containers, and Kubernetes

▸ eBPF-based runtime threat detection

▸ Image scanning and vulnerability management

▸ CIS / NIST / MLPS configuration baselines

▸ Code scanning (SAST) and dependency audit

▸ OpenTelemetry / OCSF open standards

▸ Plugin-based detection rule architecture

▸ Attack-chain visualization and remediation

Community Edition

AGPL-3.0 · open

Full core capability, free and open. Built for individuals, small teams, learners, and community contributors.

▸ Full detection and scanning capability
▸ Single-host or small-cluster deployment
▸ Community docs and GitHub Discussions
▸ Fully open to forking and extension

Enterprise Edition

Commercial

Built for production at scale. Adds enterprise governance, scale-out deployment, and operational guarantees on top of the Community Edition.

▸ High-availability clusters and multi-tenancy
▸ Fine-grained RBAC and audit trail
▸ Compliance reporting and regulator-ready evidence
▸ SLA support, version maintenance, and upgrades
▸ Custom integration and on-site engineer placement

Configuration · CMDB Open source

mxcmdb

Open-source IT asset and configuration management database

License: AGPL-3.0 (Community) · Commercial (Enterprise)
Languages: Go · TypeScript
Category: CMDB / configuration management

GitHub repo Product page →

Put all enterprise IT assets — domains, servers, services, network devices, certificates — into one graph. Community Edition is fully open; Enterprise Edition targets scale-out and multi-group governance.

▸ Multi-type asset models (domains / hosts / services / devices / certificates)

▸ Relationship graph and topology visualization

▸ Agent discovery + agentless scanning

▸ Cloud resource sync (Alibaba / Tencent / AWS / GCP)

▸ Custom asset types and fields

▸ REST API + webhooks

▸ Native integration with mxsec / mxid / ticketdesk

▸ Audit trail and change history

Community Edition

AGPL-3.0 · open

Full CMDB core, free and open.

▸ All asset models and graph capability
▸ Agent / scanning discovery engine
▸ Full REST API
▸ Community and GitHub Discussions support

Enterprise Edition

Commercial

Built for scale-out and multi-group governance.

▸ HA clusters and multi-tenancy
▸ Cross-group merged view with isolation
▸ Deep integration (ITSM / CI/CD / SIEM)
▸ SLA support and version maintenance

Ticketing & Service Desk Open source

ticketdesk

Open-source enterprise ticketing and service desk

License: AGPL-3.0 (Community) · Commercial (Enterprise)
Languages: Go · TypeScript
Category: ITSM / ticketing

GitHub repo Product page →

Open-source ticketing for IT, security, and customer support teams — multi-channel intake, SLA, automated workflows, and a customer portal. Community Edition is fully open; Enterprise Edition targets large-scale support and compliance audit scenarios.

▸ Multi-channel intake (web / email / API / IM)

▸ Assignment rules and escalation policies

▸ SLA management and timeout alerts

▸ Visual workflow editor

▸ Customer self-service portal and knowledge base

▸ Reports, dashboards, and exports

▸ Linked with mxcmdb / mxsec / mxid

▸ Full REST API

Community Edition

AGPL-3.0 · open

Full ticketing and service desk, free and open.

▸ End-to-end ticket lifecycle
▸ SLA, workflows, knowledge base
▸ Customer portal
▸ API and webhooks fully open

Enterprise Edition

Commercial

Built for large-scale support and audit-grade compliance.

▸ HA deployment and multi-tenancy
▸ Compliance audit and evidence export
▸ Deep integration (CMDB / security / IM)
▸ SLA support and version maintenance

Identity & Access Open source

mxid

Enterprise Identity & Access Management (EIAM)

License: AGPL-3.0 (Community) · Commercial (Enterprise)
Languages: Go · TypeScript
Category: EIAM / identity governance

GitHub repo Product page →

mxid is a unified Enterprise Identity & Access Management platform. The Community Edition open-sources the full EIAM core — teams can build their own identity foundation on top of it. The Enterprise Edition targets large-scale enterprise governance with HA, compliance, and long-term support.

▸ OAuth 2.0 / OIDC / SAML / SCIM protocol implementations

▸ Connector SDK (HR / AD / business systems)

▸ Passkey / WebAuthn client

▸ Policy-as-code engine (RBAC / ABAC / ReBAC)

▸ SSO and adaptive MFA

▸ Audit log schema and export tooling

▸ OPA / Cedar policy adapters

▸ CLI admin tooling and Terraform Provider

Community Edition

AGPL-3.0 · open

Full EIAM core, free and open. Built for SMBs, startups, and engineering teams self-hosting their identity foundation.

▸ OAuth / OIDC / SAML / SCIM stack
▸ SSO / MFA / lifecycle basics
▸ Policy-as-code authorization engine
▸ Connector SDK and CLI tooling

Enterprise Edition

Commercial

Built for enterprise scale. Adds governance, compliance, HA, and long-term support on top of the Community Edition.

▸ High-availability deployment with multi-region failover
▸ Fine-grained authorization audit and least-privilege scans
▸ SOC 2 / ISO 27001 / MLPS compliance reporting
▸ Workforce + Customer identity governance
▸ SLA support, version maintenance, and upgrades
▸ Custom integration for customer scenarios

Why we open-source

Security infrastructure is only trustworthy when it's auditable; engineering is only worth depending on when it's open.

Auditable, therefore trustworthy

The tooling that protects your core systems should be readable, testable, and audit-friendly. A black-box security product is itself a risk.

No lock-in

We embrace open standards — OAuth, OIDC, SCIM, OpenTelemetry, eBPF. Customers can fork, self-host, or migrate at any time. No technical debt holding them hostage.

The community is the moat

Engineering problems are ultimately solved by engineers. Open source lets the whole world refine the code — single-vendor effort cannot match a community.

Engineer's pride

We are engineers. We want our code to be read, reused, and criticized. Open source is how we talk to our peers.

How to contribute

Multiple ways to join the MatrixPlus open-source community.

⭐

Star

Watch and star the projects — visibility matters.

🐛

Issue

File bugs or feature requests.

🤝

Pull Request

Contribute code — all levels welcome.

💬

Discussions

Talk to the team and the community on GitHub Discussions.

Bring open standards to your next project

Need an enterprise deployment, a custom integration, or long-term operational support? We stand behind it.

Talk to us →