Metadata-Version: 2.4
Name: falconcore-agent
Version: 2.1.1
Summary: Enterprise cybersecurity threat intelligence agent with system tray integration
Author-email: Your Name <your.email@example.com>
License: MIT
Project-URL: Homepage, https://github.com/yourusername/falconcore-agent
Project-URL: Documentation, https://github.com/yourusername/falconcore-agent#readme
Project-URL: Repository, https://github.com/yourusername/falconcore-agent
Project-URL: Bug Tracker, https://github.com/yourusername/falconcore-agent/issues
Keywords: cybersecurity,threat-intelligence,security-agent,system-tray,malware-detection
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: System Administrators
Classifier: Intended Audience :: Information Technology
Classifier: Topic :: Security
Classifier: Topic :: System :: Monitoring
Classifier: Topic :: System :: Systems Administration
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Operating System :: OS Independent
Classifier: Operating System :: Microsoft :: Windows
Classifier: Operating System :: POSIX :: Linux
Classifier: Operating System :: MacOS
Requires-Python: >=3.8
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: requests>=2.25.0
Requires-Dist: psutil>=5.8.0
Requires-Dist: packaging>=21.0
Requires-Dist: opentelemetry-api>=1.12.0
Requires-Dist: opentelemetry-sdk>=1.12.0
Requires-Dist: opentelemetry-exporter-jaeger-thrift>=1.12.0
Requires-Dist: opentelemetry-instrumentation-requests>=0.33b0
Provides-Extra: gui
Requires-Dist: pystray>=0.19.0; extra == "gui"
Requires-Dist: pillow>=8.0.0; extra == "gui"
Provides-Extra: macos
Requires-Dist: rumps>=0.3.0; extra == "macos"
Dynamic: license-file

# 🦅 FalconCore Security Agent

Enterprise-grade cybersecurity threat intelligence agent with cross-platform system tray integration.

## 🛡️ Features

- **Real-time Threat Detection**: Advanced threat intelligence from AlienVault OTX
- **DLP (Data Loss Prevention)**: File quarantine and hash-based detection
- **Cross-Platform System Tray**: Native GUI integration on Windows, macOS, and Linux
- **MITRE ATT&CK Framework**: Advanced threat categorization and detection
- **OpenTelemetry Tracing**: Enterprise observability and monitoring
- **Automatic Updates**: Self-updating from PyPI
- **Zero-Configuration**: One-line installation and setup

## 🚀 Quick Installation

```bash
# Install FalconCore Agent
pip install falconcore-agent

# Run the agent
falconcore-agent
```

## 🖥️ System Tray Installation

### **One-Line Universal Installer**

```bash
curl -fsSL https://your-server.url/install | bash
```

### **Platform-Specific Installation**

**Linux:**
```bash
curl -fsSL https://your-server.url/api/agent/install/linux | bash
```

**macOS:**
```bash
curl -fsSL https://your-server.url/api/agent/install/macos | bash
```

**Windows PowerShell:**
```powershell
Invoke-WebRequest -Uri 'https://your-server.url/api/agent/install/windows' -OutFile 'install.bat'; .\install.bat
```

## 📊 What It Does

- **🔍 Continuous Monitoring**: Scans system logs, network activity, and file operations
- **🚨 Threat Alerts**: Real-time notifications for suspicious activities  
- **📈 Intelligence Gathering**: Connects to threat intelligence feeds
- **🔐 File Quarantine**: Automatic isolation of detected malicious files
- **📱 System Tray Interface**: Easy access via system tray menu
- **☁️ Cloud Reporting**: Centralized threat intelligence dashboard

## 🎛️ Configuration

The agent automatically creates configuration at:
- **Linux/macOS**: `~/.config/falconcore/agent.json`
- **Windows**: `%APPDATA%/FalconCore/agent.json`

```json
{
  "server_url": "https://your-falconcore-server.com",
  "api_key": "auto-generated",
  "scan_interval": 300,
  "enable_system_tray": true,
  "auto_update": true
}
```

## 🔧 Advanced Usage

### **Command Line Options**

```bash
# Run in console mode (no system tray)
falconcore-agent --console

# Custom server URL
falconcore-agent --server https://your-server.com

# Debug mode with verbose logging
falconcore-agent --debug

# Test mode (no actual monitoring)
falconcore-agent --test-mode
```

### **Manual Configuration**

```python
from falconcore_agent import FalconCoreAgent

# Initialize with custom settings
agent = FalconCoreAgent(
    server_url="https://your-server.com",
    scan_interval=600,  # 10 minutes
    enable_gui=True
)

# Start monitoring
agent.start_monitoring()
```

## 🏢 Enterprise Features

- **Multi-tenant Architecture**: Support for multiple companies/organizations
- **API Key Management**: Secure authentication and authorization
- **Compliance Monitoring**: SOX, GDPR, HIPAA compliance checking
- **Behavioral Analysis**: ML-powered anomaly detection
- **Dark Web Monitoring**: Breach and credential monitoring
- **Distributed Tracing**: Full observability with Jaeger/OpenTelemetry

## 🔒 Security

- **Encrypted Communications**: TLS 1.3 for all API communications
- **Secure Quarantine**: Files quarantined with 700 permissions
- **API Token Rotation**: Automatic key rotation and management
- **Zero Trust Architecture**: All communications authenticated and encrypted

## 📈 Requirements

- **Python**: 3.8+ (automatically managed in system tray installations)
- **Memory**: 50MB typical usage
- **Network**: HTTPS outbound for threat intelligence feeds
- **Permissions**: Standard user (no administrator required)

## 🛠️ Development

```bash
# Clone repository
git clone https://github.com/yourusername/falconcore-agent
cd falconcore-agent

# Install in development mode
pip install -e ".[dev]"

# Run tests
pytest

# Build package
python -m build
```

## 📄 License

MIT License - see LICENSE file for details.

## 🤝 Contributing

1. Fork the repository
2. Create a feature branch
3. Make your changes
4. Add tests
5. Submit a pull request

## 📞 Support

- **Documentation**: [GitHub Repository](https://github.com/yourusername/falconcore-agent)
- **Issues**: [Bug Tracker](https://github.com/yourusername/falconcore-agent/issues)
- **Enterprise Support**: Contact your FalconCore administrator

---

**⚡ Enterprise cybersecurity made simple. Deploy in minutes, protect immediately.**
