Skip to content

Overview

Before starting the installation, let's discover how OpenBAS is working, which dependencies are needed and what are the minimal requirements to deploy it in production.

Architecture

The OpenBAS platform relies on several external databases and services in order to work.

Architecture

Platform

The platform is the central part of the OpenBAS platform, allowing users to configure scenarios, simulations, atomic testings and all other components used in the context of breach and attack simulations and security validations.

Neutral agents / executors

Executors are embedded into the platform but you should configure at least one. This system is responsible for executing local injectors on endpoints.

We developed a home-made XTM agent, and we support Caldera, Tanium and Crowdstrike. Others will be added in the near future.

Tips

If you want to learn more about how to deploy executors, you can have more info here.

Injectors

Injectors are used to interact with third-party applications or services (including execution on the endpoints through executors) in the context of a simulation or an atomic testing. A few injectors are built-in but most of them are standalone Python processes.

Tips

If you want to learn more about how to deploy injectors, you can have more info here.

Collectors

Collectors are used to connect to all security systems such as SIEMs, XDRs, EDRs, firewalls, mail gateways etc. to check if an inject (execution, emails, etc.) has been detected or prevented and fill the security posture.

Tips

If you want to learn more about how to deploy collectors, you can have more info here.

Infrastructure requirements

Dependencies

Component Version CPU RAM Disk type Disk space
PostgreSQL ≥ 16.0 2 cores ≥ 8GB SSD ≥ 16GB
RabbitMQ >= 3.11 1 core ≥ 512MB Standard ≥ 2GB
S3 / MinIO ≥ RELEASE.2023-02 1 core ≥ 128MB SSD ≥ 16GB

Platform

Component CPU RAM Disk type Disk space
OpenBAS Core 2 cores ≥ 8GB None (stateless) -
Injector(s) 1 core ≥ 128MB None (stateless) -
Collector(s) 1 core ≥ 128MB None (stateless) -