A self-hostable Configuration Management Database (CMDB) system designed to provide comprehensive visibility into an organization's IT infrastructure.

1. Overview
2. Key Features
3. Technology Stack
4. Architecture
5. Getting Started
6. Project Structure
7. Documentation
8. Contributing
9. Security
10. License

Horizon is a self-hostable Configuration Management Database (CMDB) system that combines a powerful backend with a lightweight, cross-platform agent to automatically discover and inventory hardware assets, software installations, network configurations, and security-relevant information.

Horizon provides organizations with complete control over their IT asset data through a self-hostable solution with no licensing costs and complete data ownership.

• Comprehensiveness: Capture all information relevant to IT asset management
• Automation: Lightweight agent collection with minimal configuration
• Flexibility: Support both automated and manual data entry
• Integrity: Complete audit trails and data quality assessment
• Intelligence: AI-powered pattern recognition via inference providers
• Accessibility: Multiple interfaces including web and desktop applications

• Hardware Discovery: Automated collection of CPU, memory, storage, network interfaces, and peripherals
• Software Tracking: Inventory of installed packages, running services, and startup items
• Asset Relationships: Map dependencies and connections between assets
• Full-Text Search: Powerful search capabilities across all asset metadata
• Import/Export: Support for CSV, Excel, JSON, and XML formats

• Interface Discovery: Track all network interfaces and IP addresses
• Flow Collection: Aggregate and analyze network traffic patterns
• Topology Visualization: Visual representation of network architecture
• Anomaly Detection: AI-powered identification of unusual network behavior

• CIS Benchmark Support: Validate configurations against industry standards
• Configuration Drift Detection: Monitor changes over time
• Compliance Scoring: Automated assessment of security posture
• Remediation Guidance: AI-powered recommendations for fixing violations

• CVE Synchronization: Automatic sync with National Vulnerability Database
• Asset Correlation: Link vulnerabilities to affected assets
• Penetration Test Integration: Track findings from security assessments
• Red Team Tracking: MITRE ATT&CK technique mapping and IOC tracking

• Critical System Registry: Classify systems by business criticality
• Dependency Mapping: Visualize system dependencies and impact cascades
• Recovery Planning: Document recovery procedures and contact information
• Impact Scoring: Calculate financial and operational impact

• Vendor Profiles: Track vendor contacts and performance metrics
• Contract Management: Monitor contract lifecycle and renewals
• Asset-Vendor Association: Link assets to vendor contracts
• SLA Tracking: Monitor vendor service level agreements

• Event-Based Triggers: Configure alerts for specific events
• Multi-Channel Delivery: Email, webhooks, Slack, Microsoft Teams
• Escalation Workflows: Automated escalation procedures
• Notification Aggregation: Reduce alert fatigue with intelligent grouping

• Rust 1.94.0-nightly or later
• PostgreSQL (latest stable)
• Redis (latest stable)
• Docker and Docker Compose (for containerized deployment)

1. Clone the repository

git clone https://github.com/cyberpath-HQ/horizon.git
cd horizon

2. Start development environment

docker-compose up -d

3. Build the project

cargo build --release

4. Start the server

cargo run --bin horizon-server

5. Access the web UI

Open your browser to http://localhost:8080

See DEVELOPMENT.md for detailed setup instructions.

horizon/
├── Cargo.toml                 # Workspace configuration
├── README.md                  # This file
├── docker-compose.yml         # Docker Compose configuration
├── crates/                    # Workspace members
│   ├── api-server/           # REST API server
│   ├── agent/                # Cross-platform agent
│   ├── common/               # Shared utilities
│   ├── crypto/               # Cryptographic operations
│   ├── database/             # Database layer
│   ├── models/               # Data models
│   └── cli/                  # Command-line tools
├── migrations/               # Database migrations
├── docs/                     # Documentation
└── scripts/                  # Build and deployment scripts

• Check the documentation
• Search existing issues
• Open a new issue for bugs or feature requests
• Join our Discord community

1. Fork the repository
2. Create a feature branch (git checkout -b feature/amazing-feature)
3. Commit your changes (git commit -m 'Add amazing feature')
4. Push to the branch (git push origin feature/amazing-feature)
5. Open a Pull Request

Horizon implements defense-in-depth security measures:

1. Encryption at Rest: XChaCha20-Poly1305 for sensitive data
2. Encryption in Transit: mTLS for all communications
3. Authentication: JWT tokens with MFA support
4. Password Security: Argon2id password hashing
5. Audit Logging: Complete audit trail of all actions
6. Secure Memory: Zeroize for sensitive data clearing

If you discover a security vulnerability, please report it responsibly:

1. Do NOT open a public issue
2. Email: [email protected]
3. Include detailed reproduction steps
4. Allow time for remediation before disclosure

See SECURITY.md for full security guidelines.

• Rust Version: Minimum 1.94.0-nightly, always use latest stable or nightly
• Dependencies: Always use latest available versions
• Breaking Changes: Major version bumps for breaking changes
• Support: Latest version always supported

See IMPLEMENTATION_PLAN.md for the complete implementation roadmap.

This project is licensed under the Apache License 2.0 - see the LICENSE file for details.