announcements
Why We Built KafkaGuard
Apache Kafka powers mission-critical data pipelines at thousands of companies. But securing Kafka clusters remains largely manual — engineers spend days reviewing configurations, checking ACLs, and mapping settings to compliance requirements.
KafkaGuard automates this entirely.
What KafkaGuard Does
KafkaGuard is a CLI tool that scans your Kafka clusters and evaluates them against security, reliability, and operational controls:
- 40+ production-ready controls across SASL, SSL/TLS, ACLs, replication, retention, and more
- 3 policy tiers — baseline-dev (20 controls), enterprise-default (40 controls), finance-iso (50 controls)
- 4 report formats — JSON, HTML, PDF, CSV
- Enterprise authentication — SASL (PLAIN, SCRAM-SHA-256/512), SSL/TLS, mTLS, Kerberos
A full scan completes in under 10 seconds.
Getting Started
Install KafkaGuard and scan your first cluster:
# Download the binary
curl -L https://github.com/KafkaGuard/kafkaguard-releases/releases/latest/download/kafkaguard_Linux_x86_64.tar.gz | tar xz
sudo mv kafkaguard /usr/local/bin/
# Scan your cluster
kafkaguard scan --bootstrap localhost:9092 --policy enterprise-default --format html --out report.html
The HTML report includes an executive summary, compliance score, detailed findings, and remediation guidance.
What's Next
We're building KafkaGuard Cloud — a centralized SaaS platform for multi-cluster visibility, drift detection, and AI-powered remediation. Stay tuned.