We are excited to announce that we are officially open sourcing our latest project, Pulsar. Pulsar is a powerful, blazing fast security observability framework designed specifically to address the challenges of embedded security. Powered by eBPF and written in Rust, Pulsar is lightweight, safe by design and gives you full access to your devices security.
What is Pulsar
At its core, Pulsar is a framework for monitoring the activity of Linux devices. Pulsar allows you to collect runtime information about the system from the Linux kernel through its modules, enrich and transform this information into events and publish the events on a shared event bus. Through the Pulsar rules engine, you can write and apply any rule to generate alerts when undesired system behaviour occurs (e.g. accessing certain areas of the filesystem or executing anomalous syscalls).
The need for security and observability for embedded devices today is clearer than ever. The rapidly increasing number of IoT devices is empowering significant cultural revolutions and bringing great benefits to the economy, but it is also exposing an ever increasing attack surface for consumers and business with potentially disastrous consequences.
Pulsar modular design makes it easy to adapt the core architecture to diverse use cases. In fact, if there isn't yet a module that does what you need, you can simply create one and load it yourself: all the events collected by the new module will be available on the event bus for further processing and threat analysis.
Secure by Design
Combining the efficiency of eBPF technology and the inherent safety of the Rust programming language, Pulsar is secure by design and combines the advantages of both kernel- and user-space security applications. With Pulsar, you get access to the most fine-grained security controls on your device, without compromising its safety and performance.
Built for the IoT
Pulsar is the first eBPF-based runtime security framework targeting embedded and IoT devices. This means that high performance and low overhead are guaranteed also with limited compute resources, and that the most common IoT architectures and frameworks are supported by design.
We decided to open source Pulsar because we believe in complete transparency when it comes to security software and we hope that the community and the IoT security landscape in general will benefit significantly from it, ultimately making our every-day lives safer.
With all its awesomeness, Pulsar is still an early stage project. This means that you can be sure to expect a lot more good stuff to be added over the next months. It also means that - if you like the project - this is an excellent time to engage with the community and shape its future.
To find out more about Pulsar make sure to: