Agent (Windows endpoints)
- Windows 10 / 11 or Windows Server with supported .NET runtime (.NET 8).
- Sysmon installed and logging (required for the current detection pipeline).
- Run elevated (Administrator) where the product documentation requires it (e.g. reading certain event channels).
- Network egress to your API Gateway URL if uploading events to the cloud.
Web console (dashboard)
- Modern browser (Chrome, Edge, or Firefox recommended).
- The dashboard is a React app; build with Node.js (LTS) for local development.
Backend (AWS)
- AWS account with Lambda, API Gateway, DynamoDB, and (optional) S3, Bedrock, DynamoDB cache for VirusTotal.
- IAM roles and policies as described in repository scripts under
backend/.
- For AI features: Bedrock model access in the chosen region; for MITRE RAG: Pinecone (optional).
Documentation site (this folder)
- Node.js 18+
npm install and npm run build inside documentation/
See Host the documentation.