OS Support Matrix
The Myrmex Endpoint Agent is designed for broad compatibility, providing a unified abstraction layer for Centurion and Perseus regardless of the underlying hardware or OS.
Core Support Matrix
| Feature Layer | Windows (Modern) | Windows (Legacy) | Linux | macOS |
|---|
| User Mode Execution | ✔️ | ✔️ | ✔️ | ✔️ |
| Kernel Interception | ✔️ (ELAM/EDR) | Legacy Driver | ✔️ (eBPF) | ✔️ (ESF) |
| Command Translation | ✔️ | ✔️ | ✔️ | ✔️ |
| Network Isolation | ✔️ | ✔️ | ✔️ | ✔️ |
| Collector Mode | ✔️ | - | ✔️ | - |
| WSUS Integration | ✔️ | ✔️ | - | - |
Operating System Specifics
Windows
- Modern Support: Windows 10, 11, Server 2016, 2019, 2022.
- Legacy Support: Windows XP (SP3), Windows Server 2003, 2008.
- Architecture: x86, x64.
- Tech Stack: Utilizes Win32 API, WMI, and specialized EDR drivers for kernel-level visibility.
Linux
- Distributions: Ubuntu (18.04+), CentOS/RHEL (7+), Debian, Fedora, Alpine.
- Kernel Requirements: Version 4.18+ recommended for full eBPF telemetry.
- Architecture: x64.
- Tech Stack: Leverages eBPF for non-intrusive kernel monitoring and
systemd for service management.
macOS
- Versions: macOS 11 (Big Sur) and newer.
- Architecture: Apple Silicon (M1/M2/M3).
- Tech Stack: Deep integration with Apple’s Endpoint Security Framework (ESF) for real-time event interception.
Architecture Requirements
| Component | Minimum Requirement | Recommended |
|---|
| RAM | 128 MB | 512 MB |
| Storage | 100 MB | 500 MB (for local caching) |
| Connectivity | HTTPS (443) to Myrmex API | Continuous WebSocket connection |
| Privileges | Local Admin / root | Local Admin / root |
Kernel Interception: On Linux kernels older than 4.18, the agent falls back to auditd-based monitoring, which may have higher performance overhead compared to eBPF.
