3f0808e9f9
- Major updates to README.md and docs/README.md for Pulse v5 - Added technical deep-dives for Pulse Pro (docs/PULSE_PRO.md) and AI Patrol (docs/AI.md) - Updated Prometheus metrics documentation and Helm schema for metrics separation - Refreshed security, installation, and deployment documentation for unified agent models - Cleaned up legacy summary files
1.6 KiB
Agent Security
Pulse agents incorporate several security mechanisms to ensure that the code running on your infrastructure is authentic and untampered with.
Self-Update Security
The agent's self-update mechanism is critical for security and stability. To prevent supply chain attacks or compromised update servers from distributing malicious or broken agents, Pulse employs a rigorous verification process.
1. Checksum Verification
The agent verifies a SHA-256 checksum of the downloaded binary. The server must provide
X-Checksum-Sha256; updates are rejected if the header is missing or mismatched.
2. Signature Verification (Optional)
The legacy Docker agent supports optional Ed25519 signature verification when the server provides X-Signature-Ed25519. The unified agent relies on checksum verification only. Missing signatures are logged as a warning where supported.
3. Pre-Flight Checks
To prevent "brick-updates"—bad updates that crash immediately and require manual recovery—agents perform pre-flight validation before replacing the running executable.
Unified agent (pulse-agent):
- Download new binary.
- Verify checksum (required).
- Validate binary magic (ELF/Mach-O/PE) and size limits (100MB max).
- Make executable and swap atomically.
Legacy Docker agent (pulse-docker-agent):
- Download new binary.
- Verify checksum (required).
- Make executable.
- Execute with
--self-testto validate startup. - If the self-test fails, the update is aborted.
API Security
- Token Authentication: All agent-to-server communication requires a valid API token.
- TLS: Encrypted by default (unless specifically disabled).