Based on Wazuh Agent, an open source endpoint security agent.
Note
Work in progress: This project is currently under development.
BOSSS XDR Agent is a lightweight and versatile security monitoring component designed to run on endpoints, collecting and forwarding security-related data to the BOSSS XDR Server through an encrypted and authenticated channel.
This repository contains the BOSSS XDR Agent, a key component in the BOSSS XDR solution. The agent is deployed on monitored systems to collect data, which is then sent to the BOSSS XDR Server for analysis.
To install the BOSSS XDR Agent, follow the steps below:
-
Clone the repository:
git clone https://github.com/secureonelabs/bosss-xdr-agent.git cd bosss-xdr-agent -
Use one of the following options:
For more detailed installation instructions, please refer to the documentation.
This project uses the following third-party software:
| Software | Description | License | Version |
|---|---|---|---|
| Boost Asio | Cross-platform C++ library for network programming | Boost Software License 1.0 | 1.85.0 |
| Boost Beast | Library built on Boost Asio for HTTP and WebSocket communication | Boost Software License 1.0 | 1.85.0 |
| nlohmann-json | JSON parsing and serialization library for C++ | MIT License | 3.11.3 |
| OpenSSL | Toolkit for SSL/TLS protocols | Apache 2.0 and OpenSSL License | 3.3.2 |
| sqlite3 | Self-contained SQL database engine | Public Domain | 3.45.0 |
| spdlog | Fast C++ logging library | MIT License | 1.14.0 |
If you discover a security vulnerability, please send an email to security@secureonelabs.com.
This project is licensed under the AGPL-3.0 License.
This project is based on Wazuh Agent. See ATTRIBUTION.md for details.
Copyright (C) 2024, Wazuh Inc. Copyright (C) 2024, SecureOneLabs