Odoo Security Audit — Find Vulnerabilities Automatically

Your Odoo instance contains financial data, employee records, and customer information. NonaGuard automatically scans for permission misconfigurations, over-permissioned groups, and security gaps that put your data at risk.

What We Check

ACL Rule Analysis

Every access control rule is inspected for overly-broad permissions on sensitive models.

Public Access Detection

Finds models with write/create/delete access without group restrictions — a critical vulnerability.

Admin Group Audit

Flags admin groups with excessive membership violating the principle of least privilege.

2FA Compliance

Checks if admin users have Two-Factor Authentication enabled (Odoo 16+ with TOTP).

Sensitive Model Access

Monitors access to res.users, ir.rule, ir.config_parameter, account.move, and more.

Version-Aware Checks

Adapts security checks based on your Odoo version (15-19) for accurate results.

Severity Levels

CriticalPublic write access, no-group ACL on sensitive models

HighNon-admin write on ir.rule, missing 2FA on admin users

MediumExcessive admin group membership, broad access patterns

LowInformational findings, best practice recommendations

Run a Security Audit — Free

14-day free trial. Cancel anytime.