Misconfigured permissions are the most common security issue in Odoo deployments. NonaGuard analyzes every ACL rule, group membership, and access pattern to find vulnerabilities before attackers do — without manual ir.model.access review.
Over time, partners add groups, clone admin users, and install modules that grant broad access. Public portal users end up with write access on internal models. Admin accounts accumulate without 2FA.
Manual permission audits require exporting ACL CSVs and cross-referencing hundreds of rules — impractical when you manage dozens of client instances.
Account control and global access changes — admin group membership and privilege escalation paths.
Security boundary bypass and arbitrary access grants on core models.
Secrets and system configuration exposure via overly broad read access.
Financial data integrity — write access without proper group restrictions.
PII exposure in HR modules across multi-company deployments.
Communication data leaks via portal or public group misconfiguration.
Each finding includes severity, affected model, and recommended fix. Use the PDF report in client security reviews or as scope for a permission hardening engagement.
No. NonaGuard uses read-only XML-RPC access. It reads ACL rules and group memberships but never writes changes. Remediation is always manual or via your own change management process.
Yes. NonaGuard checks record rules and group assignments that could allow users in one company to access records in another — a common issue after module installs or custom development.
Run after every major module installation, custom deployment, or user role change. For SLA clients, include permission checks in monthly automated scans.
Full ACL analysis on connected instances · Agency white-label PDFs