Horusec Platform

Horusec Platform is a set of web services that integrate with Horusec CLI to make it easier for you to see and manage the vulnerabilities.

How to install?

Requirements

You need to have:

• RabbitMQ
• PostgreSQL

There are several ways to install the Horusec Platform in your environment. In some types of installations, we use a make command to simplify the process. If you want to know everything that will be executed, take a look at the Makefile located at the project's root.

You can choose what type of installation you want below, but remember to change the default environment variables values to new and secure ones.

Install with docker compose

Follow the steps:

Step 1: Run the command:

make install

Step 2: Start the docker compose file compose.yml. It contains all services, migrations and the needed dependencies.

• You can find the compose file in deployments/compose/compose.yaml;
• You can find migrations in migrations/source.

Step 3: After this, the installation is ready with all default values, the latest versions, and the following user for tests:

Username: [email protected]
Password: Devpass0*

Docker compose file is configured to perform a standard installation by default.
In the production environments' case, make sure to change the values of the environment variables to new and secure ones.

⚠️ We do not recommend using docker-compose installation in a productive environment.

For more information about Docker compose, check out Docker compose installation section in our documetation.

Install with Helm

Each release contains its own helm files for that specific version, you can find them in the repository and in the folder deployments/helm. In both cases they will be separated by each service of the architecture.

For more information, check out the installing with Helm section in our documentation.

Install with Horusec-Operator

Horusec-Operator performs management between Horusec web services and its Kubernetes cluster. It was created based on a community’s idea to have a simpler way to install the services in an environment using Kubernetes.

• Check out how to install Horusec-Operator in our installing section.
• You can see more about Kubernetes Operators in their documentation.

Features

Horusec Platform provides several features, see some of them below.

MultiTenancy

It distributes only the necessary permissions according to each user:

Dashboard

The dashboard shows you various metrics about your vulnerabilities for workspaces and repositories:

Vulnerability Management

The vulnerability management screen allows you to identify false positives, accepted risk, and even modify a severity to an appropriate value to the reality of the vulnerability:

Tokens

It creates workspaces or repositories authentication tokens for your pipeline:

Authentication Types

You can choose which form of authentication you will use with Horusec Platform.

There are three possibilities:

• HORUSEC (native)
• LDAP
• KEYCLOAK

For more information about authentication types, check out our documentation.

Documentation

For more information about Horusec, please check out the documentation.

Contributing

If you want to contribute to this repository, access our Contributing Guide. And if you want to know more about Horusec, check out some of our other projects:

• Horusec CLI
• Horusec Devkit
• Horusec Engine
• Horusec Operator
• Horusec Admin
• Horusec VsCode

Community

Feel free to reach out to us at:

• GitHub Issues
• Zup Open Source Forum

This project exists thanks to all the contributors. You rock! ❤️🚀