Kali Linux

WhiteBeam : Transparent Endpoint Security

WhiteBeam is a Transparent endpoint security

Features

  • Block and detect advanced attacks
  • Modern audited cryptography: RustCrypto for hashing and encryption
  • Highly compatible: Development focused on all platforms (incl. legacy) and architectures
  • Source available: Audits welcome
  • Reviewed by security researchers with combined 100+ years of experience

Installation

WhiteBeam is currently unavailable for installation due to backwards-incompatible security enhancements for 0.3. Check back soon!

From Packages (Linux)

Distro-specific packages have not been released yet for WhiteBeam, check again soon!

From Releases (Linux)

  1. Download the latest release
  2. Ensure the release file hash matches the official hashes (How-to)
  3. Install:
    • ./whitebeam-installer install

From Source (Linux)

  1. Run tests (Optional):
    • cargo run test
  2. Compile:
    • cargo run build
  3. Install WhiteBeam:
    • cargo run install

Quick start

  1. Become root (sudo su/su root)
  2. Set a recovery secret: whitebeam --setting RecoverySecret mask. After setting the recovery secret, you can run whitebeam --auth to make changes to the system.

How to Detect Attacks with WhiteBeam

Multiple guides are provided depending on your preference. Contact us so we can help you integrate WhiteBeam with your environment.

  1. Serverless guide, for passive review
  2. osquery Fleet setup guide, for passive review
  3. WhiteBeam Server setup guide, for active response

How to Prevent Attacks with WhiteBeam

ℹ️ WhiteBeam is experimental software. Contact us for assistance safely implementing it.

  1. Become root (sudo su/su root)
  2. Review the baseline at least 24 hours after installing WhiteBeam:
    • whitebeam --baseline
  3. Add trusted behavior to the whitelist, following the whitelisting guide
  4. Enable WhiteBeam prevention:
    • whitebeam --setting Prevention true
R K

Recent Posts

Understanding the Model Context Protocol (MCP) and How It Works

Introduction to the Model Context Protocol (MCP) The Model Context Protocol (MCP) is an open…

1 day ago

The file Command – Quickly Identify File Contents in Linux

While file extensions in Linux are optional and often misleading, the file command helps decode what a…

2 days ago

How to Use the touch Command in Linux

The touch command is one of the quickest ways to create new empty files or update timestamps…

2 days ago

How to Search Files and Folders in Linux Using the find Command

Handling large numbers of files is routine for Linux users, and that’s where the find command shines.…

2 days ago

How to Move and Rename Files in Linux with the mv Command

Managing files and directories is foundational for Linux workflows, and the mv (“move”) command makes it easy…

2 days ago

How to Create Directories in Linux with the mkdir Command

Creating directories is one of the earliest skills you'll use on a Linux system. The mkdir (make…

2 days ago