Welcome to the Cloud Risk Assessment Agent repository. This document provides instructions on how to set up and run the Cloud Risk Assessment Agent service on macOS or Linux-based operating systems.

Welcome to the Trend Cybertron - Cloud Risk Assessment Agent project, an open-source initiative leveraging the Trend Micro Cybertron AI model in the NIM catalog. This project is managed by the community, and while contributors may offer support, availability can vary. Please provide detailed information about your environment and steps to reproduce your issue when opening a GitHub issue.

For bug reports, please open an issue.

Contributions are welcome! Learn how you can contribute by visiting our contribution guidelines.

Note: Official support from Trend Micro is not available through this project. Contributors may include Trend Micro employees, but they do not provide official support.

Before you begin, ensure you have the following installed on your system:

• Git: For cloning the repository.
• Make: For running make commands.
• Docker: Version 2 or later.

Set up your inference endpoint using Huggingface:

• Recommended Inference Endpoint: SGLang
• Recommended GPU: At least L40s
• Context Length: 128k tokens

• SGLang Setup Guide (use --contex-length parameter)

python -m sglang.launch_server --model-path trendmicro-ailab/Llama-Primus-Merged --port 8000 --host 0.0.0.0 --chat-template llama-3-instruct --context-length 131072 --max-prefill-tokens 131072 --max-total-tokens 131072

Follow these steps to get your development environment running:

Clone the code from the Git repository:

git clone https://github.com/trendmicro/cloud-risk-assessment-agent

Create a new .env file in the root directory of the repository and copy the following contents into it:

OPENAI_API_BASE=https://huggingface.co/trendmicro-ailab/Llama-Primus-Merged?local-app=vllm
OPENAI_API_KEY="trendmicro-ailab/Llama-Primus-Merged"
OPENAI_MODEL=Primus-Christmas-128k
SERVICE_HOST=http://localhost
POSTGRES_USER=tmcybertron
POSTGRES_PASSWORD=tmcybertron
# If you want to scan AWS account, please provide the access key / token in environment file here.
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
AWS_SESSION_TOKEN=
AWS_SECURITY_TOKEN=

To start the server:

# Enter the code folder
make run

Use this command to configure agent scan settings. You can specify which resources should be scanned. Find more detailed instructions here.

make gen_config

After configuring the scan settings, run the scan with:

make scan

After the scan results are available, access the service at http://localhost.

For more detailed examples and use cases, see our Usage Guide.

This project is licensed under the Trend Micro Community License.

We ❤️ contributions from our community. To ensure a safe and productive environment, please follow these guidelines:

• Familiarize Yourself: Before contributing, please read through the documentation to familiarize yourself with the project.
• Open an Issue: Discuss potential changes via issue discussions before starting any significant work. This helps prevent duplication of efforts and ensures that your contributions align with the project goals.
• Pull Requests: Submit pull requests with clear descriptions of the changes and benefits. Ensure each pull request only covers one specific issue to simplify the review process.

• Code Quality: Maintain high code quality and adhere to the project's coding conventions (use language-specific linters).
• Testing: Add tests for new features and ensure that all tests pass.
• Documentation: Update documentation to reflect changes or additions to the project.

• No Secrets or PII: Do not include API keys, secrets, passwords, or any personally identifiable information in your contributions.
• Clean History: Ensure your pull request's commit history is clean and free from any accidental inclusion of sensitive data.