Odoo Security Scanner Suite is a developer-friendly and admin-focused module for Odoo that helps assess the security posture of your Odoo instance. It provides automated diagnostics on critical security configurations and summarizes the results in a clear, actionable report, now displayed with improved readability using formatted HTML output.
- Master Password Validation: Detects whether a master password is configured.
- HTTPS Enforcement: Confirms secure HTTP (HTTPS) usage for your Odoo instance.
- Access Rule Verification: Ensures all non-core models have defined access control rules with clear, human-readable output.
- Logging Setup Check: Validates whether logging levels are properly configured.
- Database Filtering: Verifies the presence of a database filter.
- Database Listing Control: Checks if open database listing is disabled.
- One-click scan initiation directly from the UI.
- Real-time scan state tracking using a clean, state-driven interface.
- Automatic scan naming for easy traceability.
- Enhanced "Scan Results" output displayed in a clean, HTML-formatted view for better readability.
- Integrated form and list views.
- "Security Scan" menu in Odoo for easy access.
- Improved visibility and presentation of scan findings.
- Clone or copy the
security_scanner_suitedirectory into your Odooaddonspath. - Restart your Odoo server.
- Go to the Apps menu, update the app list, and install the Security Scanner Suite.
- Navigate to Security Scanner → Scans.
- Click Create to generate a new scan record.
- Hit Run Scan.
- View the results under the Scan Results tab, presented with readable and formatted HTML.
- Scheduled scans for continuous monitoring.
- Enhanced scan types (database, server environment).
Contributions are welcome! Feel free to open an issue, suggest enhancements, or create a pull request to help strengthen the security of the Odoo ecosystem.