A Modern Orchestration Engine for Security

Osmedeus is a security-focused, declarative orchestration engine simplifying complex workflow automation. It targets security professionals, enabling powerful, auditable, and composable automation pipelines with encrypted data handling and secure credential management, enhancing infrastructure integrity and safety.

How It Works

Workflows are defined in auditable YAML, supporting Modules (single units) and Flows (multi-module orchestration). It features a distributed master-worker pattern (Redis-scaled) for parallel scanning and offers local, Docker, or SSH runners. Key components include event-driven triggers (cron, file watch, webhooks), conditional routing, a template engine, and utility functions. Novelty stems from integrated LLM capabilities for AI-powered steps and its focus on secure, sandboxed execution.

Quick Start & Requirements

Installation uses a bash script (curl -sSL http://www.osmedeus.org/install.sh | bash) or Docker (j3ssie/osmedeus:latest). Basic CLI commands include osmedeus run -m recon -t example.com or osmedeus run -f general -t example.com. Docker example: docker run --rm -v $(pwd)/output:/root/workspaces-osmedeus j3ssie/osmedeus:latest run -f general -t example.com. Comprehensive documentation is at docs.osmedeus.org. No specific hardware/software prerequisites are detailed beyond shell/Docker.

Highlighted Details

• Declarative YAML for defining security workflows (Modules/Flows).
• Distributed execution architecture with Redis-based master-worker scaling.
• Event-driven triggers: cron, file watching, webhooks.
• Integrated LLM capabilities for AI-powered workflow steps.
• Secure credential management and sandboxed execution.
• REST API for programmatic workflow management.
• S3-compatible cloud storage for artifact management.

Maintenance & Community

Developed by @j3ssie. The roadmap shows ongoing development with some features in progress (⚠️) and others not started (❌), such as diff reports and serverless cloud integrations. Community channels are not detailed in the README.

Licensing & Compatibility

Released under the MIT license, permitting commercial use and integration into closed-source projects.

Limitations & Caveats

Actively developed, with several roadmap items not yet started (e.g., diff reports, serverless cloud steps). Some core workflow features are marked as in progress (⚠️), indicating potential for ongoing refinement.