Self-hosted by design
Keep telemetry, inventory, vulnerability findings, and operational history inside infrastructure you control.
Open-source infrastructure operations
Secure control for teams that own their infrastructure.
CarrTech gives engineers a self-hosted operations platform and gives managers a clear view of risk, cost, and operational readiness.
No SaaS dependencyRun inside your network boundary.
Auditable agentsOpen source where trust matters most.
Manager visibilityRisk, coverage, and readiness at a glance.
Engineer time backOne place for monitoring, inventory, CVEs, and certificates.
Security posture
Built for environments where “phone home” is not acceptable.
Air-gap ready
Install bundles, agent packages, and deployment profiles support restricted networks from the start.
Signed integration paths
Product boundaries are explicit, authenticated, and built for defensible operational review.
Least surprise operations
Infrastructure engineers can inspect the stack, pin versions, and review the code that touches their estate.
Product suite
Focused tools for infrastructure teams.
Air-gap ready monitoring
CT-Ops
Self-hosted infrastructure monitoring, inventory, certificates, alerting, and operations workflows for teams that cannot depend on SaaS.
CT-Ops gives infrastructure teams one controlled place to see host health, network inventory, certificate risk, operational alerts, and integrated security signals without sending telemetry outside their boundary.
- Reduce context switching
- Audit host agents
- Give managers risk visibility
Owned vulnerability intelligence
CT-CVE
A standalone vulnerability intelligence service that syncs trusted feeds, matches packages, and sends signed findings back to CT-Ops.
CT-CVE owns the vulnerability intelligence pipeline: source sync, advisory normalization, package matching, finding enrichment, policy decisions, and signed delivery back into operational workflows.
- Track KEV exposure
- Control feed policy
- Keep findings inside your boundary
Integrated secrets control
CT-Vault
A standalone secure vault for infrastructure credentials, recovery secrets, and operational access notes, integrated into CT-Ops where access needs tight control.
CT-Vault helps teams organize secrets by system, environment, owner, and access boundary while keeping deployment self-hosted. It supports direct vault use and CT-Ops integration so engineers can reach the right operational credentials from the workflows that depend on them.
- Centralize operational credentials
- Reduce shared-password risk
- Keep vault ownership local
Commercial support path
CT-Portal
The CarrTech customer portal for licences, billing, support, and commercial access around the open-source platform.
CT-Portal provides the commercial surface around CarrTech products: licensing, account management, billing records, support requests, and customer access without changing the trust model of the self-hosted products.
- Manage licences
- Raise support
- Keep procurement simple
Cost and time
Spend less time stitching tools together.
Consolidated workflows
Monitoring, inventory, certificates, vulnerability intelligence, and operational access live in one controlled platform.
Practical deployment profiles
Start on a single Docker host and move to a Redpanda-backed production profile when the estate needs it.
Decision-ready reporting
Managers see coverage, exposure, and operational health without pulling engineers into repeated status work.
Open source
Trust improves when the important parts can be inspected.
CarrTech keeps the infrastructure-facing platform open so security teams can review what runs on their hosts, how data moves, and how releases are built. Commercial support and portal services add procurement and support paths without hiding the operational core.