Skip to main content


The Vendors and Operators below have, unofficially and without any legally-binding commitment, endorsed the principles of Continuous Authorization, and have agreed to collaborate on the development of the OpenControl schema, tools and best practices.

Vendor Members

Pivotal, Inc.

Product: Pivotal Cloud Foundry

OpenControl Repo:

Amazon Web Services (via 18F)

Product: Amazon Web Services

OpenControl Repo:

GovReady BPC

Product: GovReady Toolkit

Toolkit to make scanning with OpenSCAP more developer-friendly

OpenControl Repo:

Product: ComplianceLib (Python)

Machine readable cybersecurity compliance standards library for Python, starting with FISMA and NIST Risk Management Framework

OpenControl Repo:

Docker, Inc.

Product: Docker Datacenter

Enterprise Containers-as-a-Service (CaaS) platform for developers and IT operations

OpenControl Repo:

Red Hat Public Sector

Product: OpenShift Container Platform (OCP)

OpenShift is a container application platform that brings docker and Kubernetes to the enterprise.

OpenControl Repo:

Consultancy Service Members



GovReady BPC


Operator Members

Pivotal, Inc.

Product: Pivotal Web Services

US Government GSA, 18F


Red Hat, Inc

Product: OpenShift Online

Regulatory Members

US Government NIST (via 18F)

Product: NIST 800-53

OpenControl Repo:

Want to join? Simply submit a pull request to this document and add yourself.