Strelka is a real-time, container-based file scanning system used for threat hunting, threat detection, and incident response. Originally based on the design established by Lockheed Martin's Laika BOSS and similar projects (see: related projects), Strelka's purpose is to perform file extraction and metadata collection at enterprise scale.
Strelka differs from its sibling projects in a few significant ways:
Strelka's ZeroMQ architecture has been retired and migrated to the archive/zeromq branch. This branch is now considered legacy code, is no longer actively supported, and will only receive bugfix updates.
Guidelines for contributing can be found here.
Strelka and its associated code are released under the terms of the Apache 2.0 license.