- Are repetitive, tedious processes taking up too much of your time?
- Is more time spent focusing on managing your data than acting on the data itself?
WALKOFF is an automation framework that allows you to easily automate these 80% of tedious tasks so you can get the job done faster, easier, and cheaper.
WALKOFF is built upon an app based architecture which enables the plug and play integration of devices and capabilities. These capabilities can then be tied together to form Workflows. Workflows are defined in a JSON format making them easily sharable across environments and organizations and easily created/customizable through our drag and drop workflow editor.
WALKOFF also makes it easier to manage your newly automated processes with real-time visual updates and feeds based on your workflows progress.
Apps can also have custom interfaces enabling app developers to uniquely display information. WALKOFF not only makes it easier for users to automate their processes but allows users to act on their processes faster as well.
Walkoff apps can be found at: https://github.com/nsacyber/WALKOFF-Apps
- Python 2.7+ or Python 3.4+
- NodeJS v4+ and Node Package Manager (npm) v5+
- On Ubuntu, if you install
apt-get, it will be installed as
nodejs- you may need to create a symlink from your installed
npmto work correctly.
- npm v5 requires Node v4+, while npm v6 requires Node v6+. Using NVM (Node Version Manager) can assist in obtaining the correct versions of NodeJS and NPM.
- On Ubuntu, if you install
- Redis 5+
- Redis can be run on Linux (see https://redis.io/topics/quickstart or check your OS's package manager),
- If you are using Windows, you will need to use Redis in a VM or a Docker container.
- Best used with Linux, or in Docker
- On Linux, you will need the
python-develpackage for your distribution if running natively.
- On Linux, you will need the
Individual apps may specify their own requirements.
Please see the Readme on Docker Cloud for instructions on running WALKOFF in a docker container: https://cloud.docker.com/repository/docker/walkoffcyber/walkoff
If the Python environment for your elevated privileges are the same as the Python environment you will be running WALKOFF in (use
pip --version to check), you can use the all-in-one setup script with elevated privileges:
If that is not the case, or if you would like to manually install WALKOFF:
First, install the dependencies with the following command:
pip install -r requirements.txt
To install the dependencies for each individual app, run:
Or to just install the dependencies for specific apps:
python scripts/install_dependencies.py -a AppOne,AppTwo,AppThree
Then, generate certificates for WALKOFF's internal messaging:
Next, navigate to /walkoff/client and install the client dependencies with the following commands - these will require elevated privileges:
Next, use gulp to build the client:
npm run build
That's it! To start up the server, just navigate back to the WALKOFF root and run:
Then, navigate to the specified IP and port to start using WALKOFF. The default
Through this script, you can also specify port and host, for example
`python walkoff.py --port 3333 --host 0.0.0.0`
For more options, run
`python walkoff.py --help`
Custom app interfaces
Capability to stream data to interfaces.
User and Role based authentication
Case based logging
- Can granularly configure which events to log on a per-case basis
Drag and Drop Workflow Editor
- Makes creation and editing of workflows as easy as dragging and dropping capabilities.
Flexible Workflow Execution
- Manual Execution - Execute a workflow by pressing a button
- Active Execution - Cron style workflow execution Run workflow every 8 hours for the next 3 months
- Passive Execution - Trigger a workflow based upon data sent to Walkoff
- Ability to pause and resume workflows enabling human in the loop execution
How often are certain apps run?
How often workflows are run?
WALKOFF-enabled apps can be found at www.github.com/nsacyber/walkoff-apps
- master - Main branch for WALKOFF version 2 will be updated from development periodically
- development - Development branch for WALKOFF version 2. Updated frequently
- gh-pages - Pages used to generate documentation at our github.io site
- gh-pages-development - Branch used to document new features in development.
- walkoff-experimental - WALKOFF version 1 No longer under development
Other development-centric branches may be created but should not be considered permanent
An update script,
update.py, is provided to update the repo to the most
recent release. This script uses SqlAlchemy-Alembic to update database schemas
and custom upgrade scripts to update the workflow JSON files. To run this
script in interactive mode run
python update.py -i. Other options can be
python update.py --help. The most common usage is
python update.py -pcs for pull, clean, and setup.
Stability and Versioning
WALKOFF uses Semantic Versioning. Until the full feature set is developed, the
versions will begin with
x version will be updated when a
breaking change is made, a breaking change being defined as one which modifies
either the REST API or the API used to develop and specify the apps is modified
in a way which breaks backward compatibility. No guarantees are yet made for
the stability of the backend Python modules. The
y version will be updated
for patches, and bug fixes. The REST API will have an independent versioning
system which may not follow Walkoff's version number.
WALKOFF is a community focused effort and contributions are welcome.
Please submit pull requests to the
development branch. Issues marked
help wanted and
good first issue are great places to start
contributing. Additionally, you can always look at our
CodeClimate Issues page
and help us improve our code quality.
Comments or questions? email@example.com