In the link I explain:
I love crowdstrike, its amazing.
However, its Linux agent isn't the best. I tested an open-source Linux EDR solution and I loved it.
So I wanted to know why aren't Crowdstrike copying it, collobarating with it or just using it?
I think it can dramatically improve the Linux agent.
The open-source project that I used: https://github.com/Cybereason-Public/owLSM
For more then a year Iv'e been working on an open-source EDR that has a real time sigma rules engine in the kernel. This allows us to monitor and block many types of attacks and vulnerabilities with sigma rules (yes im able to stop many types of vulnerabilities with this!)
This project is my baby and I want to hear your feedback on it.
For my ego im trying to pass 1000 GitHub stars lol.
P.S. This project started as my "hobby project" byt my employer loved this project and decided to deploy it on more then 10K endpoints.
I was just fired from my company. I was a Snr Linux Kernel security researcher and engineer.
At my role I created an open source repo Cybereason-Public/owLSM.
I want the project to become Viral (many GitHub stars and contributers) so it will help me get hired soon. More eyes == More stars == New job.
If you agree with me, let me know and help me with a GitHub star.
If you know about an intresting opening in the Linux Kernel Security field, please comment.
Thanks guys !