Transparent endpoint security
Features
- Block and detect advanced attacks
- Modern audited cryptography: RustCrypto for hashing and encryption
- Highly compatible: Development focused on all platforms (incl. legacy) and architectures
- Source available: Audits welcome
- Reviewed by security researchers with combined 100+ years of experience
In Action
Installation
WhiteBeam is currently unavailable for installation due to backwards-incompatible security enhancements for 0.3. Check back soon!
### From Packages (Linux)
Distro-specific packages have not been released yet for WhiteBeam, check again soon!
### From Releases (Linux)
1. Download the [latest release](https://github.com/WhiteBeamSec/WhiteBeam/releases)
2. Ensure the release file hash matches the official hashes ([How-to](https://github.com/WhiteBeamSec/WhiteBeam/wiki/Verifying-file-hashes))
3. Install:
* `./whitebeam-installer install`
### From Source (Linux)
1. Run tests (_Optional_):
* `cargo run test`
2. Compile:
* `cargo run build`
3. Install WhiteBeam:
* `cargo run install`
## Quick start
1. Become root (`sudo su`/`su root`)
2. Set a recovery secret: `whitebeam --setting RecoverySecret mask`. After setting the recovery secret, you can run `whitebeam --auth` to make changes to the system.
### How to Detect Attacks with WhiteBeam
Multiple guides are provided depending on your preference. [Contact us](mailto:info@whitebeamsec.com) so we can help you integrate WhiteBeam with your environment.
1. [Serverless guide](https://github.com/WhiteBeamSec/WhiteBeam/wiki), for passive review
2. [osquery Fleet setup guide](https://github.com/WhiteBeamSec/WhiteBeam/wiki), for passive review
3. [WhiteBeam Server setup guide](https://github.com/WhiteBeamSec/WhiteBeam/wiki), for active response
### How to Prevent Attacks with WhiteBeam
:information_source: WhiteBeam is
experimental software.
[Contact us](mailto:info@whitebeamsec.com) for assistance safely implementing it.
1. Become root (`sudo su`/`su root`)
2. Review the baseline at least 24 hours after installing WhiteBeam:
* `whitebeam --baseline`
3. Add trusted behavior to the whitelist, following the [whitelisting guide](https://github.com/WhiteBeamSec/WhiteBeam/wiki)
4. Enable WhiteBeam prevention:
* `whitebeam --setting Prevention true`