Introducing Open Source EDR

Xcitium is proud to offer our once proprietary EDR agent as open source! We strongly feel that as cyberthreats increase, every organization deserves the right to have access to Endpoint Detection and Response – Regardless of their budget

Here's How You can experience OpenEDR!
Deploy & use OpenEDR within a FREE Xcitium Enterprise Platform account! Register now and improve your protection within minutes!

Access the source code, configure your environment, and refine your own solution to meet your needs.

OpenEDR is an Open Source initiative started by Xcitium

We at Xcitium believe in creating an open source cybersecurity platform where products and services can be provisioned and managed together. EDR is our starting point.

OpenEDR is a full blown EDR capability. It is one of the most sophisticated, effective EDR code base in the world and with the community’s help it will become even better.

The OpenEDR consists of
the following components:
Core Library

the basic framework;


service application;

Process Monitoring

components for per-process monitoring;

System Monitor

the genetic container for different kernel-mode components;

File-System Mini-Filter

the kernel component that hooks I/O requests file system;

Network Monitor

monitors processes creation/deletion using system callbacks

Low-Level Registry Monitoring Component

monitors registry access using system callbacks

Self-Protection Provider

prevents EDR components and configuration from unauthorized changes

Low-Level Process Monitoring Component

network filter for monitoring the network activity

Join the Open Community
Enroll to the online forums

Have questions about our OpenEDR open-source code? Join our open community! The community allows members to ask and respond to questions, interact with other users, and review topics related to OpenEDR.

Enroll Today
OpenEDR & Xcitium

In addition to maintaining the OpenEDR project, Xcitium helps customers avoid breaches with groundbreaking isolation technology that fully neutralizes ransomware, zero-day malware, and cyberattacks that other security providers can’t do. Our isolation and containment technology complements our highly rated advanced endpoint protection and endpoint management to offer a single cloudaccessible Active Breach Protection solution. Xcitium’s Managed and Extended Detection and Response services are available to serve as your security partner and guide.

Learn More