BastionGuard – Open Source Modular Security Platform for Linux
I’m announcing the public release of BastionGuard™, a modular security platform designed for Linux desktop environments.

BastionGuard focuses on behavioral monitoring and layered protection rather than signature-only detection. It is built entirely for Linux and integrates directly with native system components.

Core Features

- Real-time ransomware detection using inotify
- YARA-based file and process scanning
- Delayed re-scan queue for zero-day resilience
- DNS-based anti-phishing filtering
- Automatic USB device scanning
- Identity leak monitoring module
- Secure browser integration layer
- Multi-process daemon architecture with local socket communication

Technical Design

The platform relies on standard Linux subsystems and services:

- inotify for filesystem monitoring
- /proc inspection for process analysis
- YARA engine for rule-based detection
- ClamAV daemon integration
- dnsmasq for DNS filtering
- systemd-managed services
- Local inter-process communication via sockets

No kernel modules are required.

Architecture

BastionGuard uses a multi-daemon isolation model:

- Separate background services
- Token-based internal authentication
- Loopback-bound internal services
- Optional cloud communication layer

The objective is to provide an additional behavioral security layer for Linux systems without modifying the kernel or introducing intrusive components.

Licensing

The software is released under GPLv3. Branding and trademark are excluded from the open-source license.

Feedback

The project is open to technical review, performance feedback, and architecture discussions, particularly regarding real-time monitoring efficiency, resource usage optimization, service isolation, and detection strategy improvements.

Official website: https://bastionguard.eu

submitted by /u/specialworld83
Source: https://www.reddit.com/r/cybersecurity/comments/1rgilxb/bastionguard_open_source_modular_security/