6.1.12. Component Analysis

Component analysis tries to reflect each application or framework used in the Agent to provide functionality. These two major components are WireGuard and OSQuery.

6.1.12.1. WireGuard

WireGuard is an open-source VPN technology that allows secure point-to-point connections to be established using the UDP connection protocol, as this protocol does not need to perform checks like TCP and would therefore be faster.

Another outstanding feature of this technology, in addition to its speed, is the reduction of the code used for its implementation. Unlike other VPN technologies, WireGuard has fewer lines and this offers a greater advantage when it comes to learning how it works internally and is also easier to patch in the event of a bug.

This software is embedded in the multiplatform Agent (making use of the generated dll libraries). Therefore, it would not be necessary to install any external applications, since the WireGuard technology is part of the Agent.

Version used on Multiplatform Agent: 0.10.1

LICENSE: The kernel components are released under the GPLv2, as is the Linux kernel itself. Other projects are licensed under MIT, BSD, Apache 2.0, or GPL, depending on context. https://www.wireguard.com/#license

6.1.12.2. OSQuery

OSQuery is a framework or tool used to obtain information about the operating system and its components. This application, created by Facebook, returns information in the form of SQL tables that can be such as the operating system version, installed applications, the security status of the computer, among others.

The limitation of this component, which limits the Agent application, is that only a 64-bit version is published for Windows. Therefore, the multiplatform Agent is only valid on 64-bit Windows machines.

OSQuery Version used on Multiplatform Agent: 5.11.0