WhiteBeamSec / WhiteBeam

WhiteBeam: Transparent endpoint security



Latest Release Daily cargo-audit Bounty $5,000 Chat


## Features

## In Action

## Installation

WhiteBeam is currently unavailable for installation due to backwards-incompatible security enhancements for 0.3. Check back soon!

### From Packages (Linux)

Distro-specific packages have not been released yet for WhiteBeam. Check again soon!

### From Releases (Linux)

1. Download the [latest release](https://github.com/WhiteBeamSec/WhiteBeam/releases)
2. Ensure the release file hash matches the official hashes ([How-to](https://github.com/WhiteBeamSec/WhiteBeam/wiki/Verifying-file-hashes))
3. Install:
   * `./whitebeam-installer install`

### From Source (Linux)

1. Run tests (_Optional_):
   * `cargo run test`
2. Compile:
   * `cargo run build`
3. Install WhiteBeam:
   * `cargo run install`
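Steps 2 and 3 of "From Releases" can be combined so the installer only runs after its hash has been checked. The script below is an added example, not part of the WhiteBeam project; it assumes the official hashes are SHA-256 digests published as `sha256sum`-style lines, and the manifest name `SHA256SUMS` is hypothetical.

```shell
#!/bin/sh
# Added example: gate the installer on a checksum match.
# Assumptions (not from the WhiteBeam docs): official hashes are SHA-256,
# published as sha256sum-style lines ("<hex digest>  <file name>").

# expected_hash MANIFEST NAME: print the digest listed for NAME, lowercased.
expected_hash() {
    awk -v name="$2" '
        # Accept both text ("  name") and binary (" *name") markers.
        { f = $2; sub(/^\*/, "", f) }
        f == name { print tolower($1); found++ }
        END { exit (found == 1 ? 0 : 1) }  # missing or duplicate entry fails
    ' "$1"
}

# verify_release FILE MANIFEST: return 0 only if FILE matches its listed digest.
# Exit codes: 1 mismatch, 2 missing input, 3 unusable manifest entry.
verify_release() {
    file=$1
    manifest=$2
    [ -f "$file" ] && [ -f "$manifest" ] || { echo "missing input" >&2; return 2; }
    want=$(expected_hash "$manifest" "$(basename "$file")") || {
        echo "no unique entry for $(basename "$file")" >&2; return 3; }
    # Reject anything that is not exactly 64 lowercase hex digits.
    case $want in
        *[!0-9a-f]*) echo "malformed digest in manifest" >&2; return 3 ;;
    esac
    [ "${#want}" -eq 64 ] || { echo "malformed digest in manifest" >&2; return 3; }
    got=$(sha256sum "$file" | awk '{ print $1 }')
    if [ "$got" = "$want" ]; then
        echo "OK: $file"
    else
        echo "MISMATCH: $file (expected $want, got $got)" >&2
        return 1
    fi
}

# install_if_verified FILE MANIFEST: run "FILE install" only after a match.
install_if_verified() {
    verify_release "$1" "$2" || return
    f=$1
    case $f in */*) ;; *) f=./$f ;; esac  # avoid a PATH lookup for bare names
    chmod +x "$f" && "$f" install
}

# Usage: install_if_verified ./whitebeam-installer ./SHA256SUMS
```

The check is only as trustworthy as the manifest, so take the hashes from the project's official channel rather than from wherever the binary was mirrored.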

## Quick start

1. Become root (`sudo su`/`su root`)
2. Set a recovery secret: `whitebeam --setting RecoverySecret mask`. After setting the recovery secret, you can run `whitebeam --auth` to make changes to the system.

### How to Detect Attacks with WhiteBeam

Multiple guides are provided depending on your preference. [Contact us](mailto:info@whitebeamsec.com) so we can help you integrate WhiteBeam with your environment.

1. [Serverless guide](https://github.com/WhiteBeamSec/WhiteBeam/wiki), for passive review
2. [osquery Fleet setup guide](https://github.com/WhiteBeamSec/WhiteBeam/wiki), for passive review
3. [WhiteBeam Server setup guide](https://github.com/WhiteBeamSec/WhiteBeam/wiki), for active response

### How to Prevent Attacks with WhiteBeam

:information_source: WhiteBeam is experimental software. [Contact us](mailto:info@whitebeamsec.com) for assistance safely implementing it.

1. Become root (`sudo su`/`su root`)
2. Review the baseline at least 24 hours after installing WhiteBeam:
   * `whitebeam --baseline`
3. Add trusted behavior to the whitelist, following the [whitelisting guide](https://github.com/WhiteBeamSec/WhiteBeam/wiki)
4. Enable WhiteBeam prevention:
   * `whitebeam --setting Prevention true`