Skip to content

bansikah22/sysguardd

BranchesTags

Repository files navigation

SysGuardd

SysGuardd Logo

SysGuardd is a runtime process enforcement daemon focused on stopping unauthorized execution on Linux hosts and Kubernetes nodes.

It combines deterministic policy evaluation, active mitigation, and structured audit telemetry.

Documentation

Key pages:

C/C++ Quick Start

Build and test:

cmake -S . -B build -DCMAKE_BUILD_TYPE=Debug
cmake --build build
ctest --test-dir build --output-on-failure

Installer:

./scripts/install.sh --smoke-test

Systemd install:

./scripts/install.sh --systemd

Kubernetes (Helm)

Install from local chart:

helm install sysguardd ./helm --namespace kube-system --create-namespace

Install from OCI chart:

helm install sysguardd oci://registry-1.docker.io/bansikah/sysguardd-helm --version 1.0.0

More Kubernetes setup and alerting examples: docs/KUBERNETES.md

CLI Quick Commands

sysguardd version
sysguardd status --json
sysguardd policy validate ./policies/default.policy
sysguardd help

Runtime Check

Run in monitor mode with baseline policy:

./build/sysguardd daemon --mode monitor --policy ./policies/default.policy

Event format for stdin-based testing:

PID PPID EXE [ARG ...]
1200 1 /usr/bin/bash -c whoami

Check runtime status:

sysguardd-status

More install/test details: docs/INSTALL-TEST.md

License

This project is licensed under the terms in LICENSE.

About

An agents that monitor system calls, track unauthorized file access, and kill malicious processes instantly

bansikah22.github.io/sysguardd/

Resources

Readme

License

Apache-2.0 license

Security policy

Security policy
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages