#security-framework #macos #events #endpoint #wrapper #monitoring

endpoint-sec

High-level Rust wrappers around the Endpoint Security Framework

7 unstable releases (3 breaking)

0.4.1 Sep 19, 2024
0.4.0 Jun 21, 2024
0.3.4 Jan 22, 2024
0.3.2 Nov 30, 2023
0.2.0 Jul 12, 2023

#141 in Development tools

Download history 402/week @ 2024-08-20 379/week @ 2024-08-27 516/week @ 2024-09-03 455/week @ 2024-09-10 512/week @ 2024-09-17 466/week @ 2024-09-24 695/week @ 2024-10-01 994/week @ 2024-10-08 821/week @ 2024-10-15 1025/week @ 2024-10-22 802/week @ 2024-10-29 775/week @ 2024-11-05 518/week @ 2024-11-12 674/week @ 2024-11-19 579/week @ 2024-11-26 388/week @ 2024-12-03

2,173 downloads per month

MIT/Apache

345KB
5.5K SLoC

Endpoint Security - Rust bindings

Endpoint Security (abbreviated ES here) is a framework provided by Apple for macOS machines for monitoring system events for potentially malicious activity, see the official documentation for the exact details.

This repository is composed of two Rust crates:

endpoint-sec-sys is the raw events translated from C to Rust, with some additional types that have to exist in the crate because of the orphan rules. While you can use the crate directly, no effort have been made to make it easy nor correct.

endpoint-sec contains the higher level wrappers. They're much safer and more ergonomic to use but incur a slight overhead cost in certain methods (not all, not even most of them).

MSRV

Current MSRV is 1.70.0. It can be updated in any minor version, though we'll try to be conservative with it.

Contributing

All contributions are welcome, provided they respect the Rust Code of Conduct. Opening an issue to signal a bug is a contribution!

License

Dual licensed under Apache 2 and MIT, see the LICENSE-APACHE and LICENSE-MIT files.

Dependencies

~185KB