About Samma.io
Samma is an open-source, Kubernetes-native security scanning platform built in Sweden. We believe security tooling should be transparent, composable, and built on standards the industry already trusts.
Our Mission
Security scanning shouldn't require proprietary black boxes. Samma combines proven, industry-standard tools into an automated pipeline that runs inside your cluster. Every component is open source, every scanner is a tool you already know, and every result flows to dashboards you already use.
We don't build dashboards to lock you in. Samma produces structured data that works with Grafana, Kibana, or any tool your team prefers. The platform does the scanning and processing — you choose how to visualize it.
Fully Open Source
Every line of Samma is open source. The Kubernetes operator, the SIEM rule engine, the scanner orchestration, and all configuration — it's all on GitHub.
No vendor lock-in, no proprietary agents, no phone-home telemetry. Fork it, extend it, contribute back. Security tooling works best when the community can audit and improve it.
What's in the repo
- Kubernetes operator (Go) for target discovery and scan scheduling
- SIEM rule engine with YAML-based detection rules
- Scanner containers (Nmap, Nikto, Tsunami, DNSRecon)
- Helm charts for one-command deployment
- Pre-built Grafana and Kibana dashboards
Industry-Standard Tools Only
No proprietary components. Samma is built entirely on tools the industry already knows, trusts, and maintains.
- Kubernetes: Orchestration platform
- Docker: Container runtime
- NATS: Message streaming
- Elasticsearch: Event storage & search
- Grafana: Metrics & dashboards
- Kibana: Log analysis & dashboards
- Vector.dev: Log pipeline
- Helm: Deployment & packaging
- Nmap: Network scanning
- Nikto: Web vulnerability scanning
- Tsunami: Security scanning
- DNSRecon: DNS reconnaissance