Back to Documentation

Getting Started with Panguard

Install Panguard, run your first scan, and enable real-time protection in under 5 minutes.

System Requirements

  • Linux (Ubuntu 20.04+, Debian 11+, CentOS 8+) or macOS 12+
  • Node.js 18+ (auto-installed if missing)
  • 2 GB RAM minimum, 4 GB recommended

Step 1: Install Panguard

One command installs everything: the CLI, rule engine, and local AI model.

Terminal
curl -fsSL https://get.panguard.ai | sh

The installer auto-detects your OS and architecture. Expected output:

[OK] Panguard v1.0.0 installed

[OK] Rule engine loaded (3,155 Sigma + 423 YARA rules)

[OK] Local LLM ready (Ollama)

[OK] Monitoring started. Learning period: 7 days.

Step 2: Run Your First Scan

A quick scan checks your system for common vulnerabilities in about 60 seconds.

Terminal
panguard scan

For a comprehensive analysis including all ports, SSL certificates, and configuration files:

Terminal
panguard scan --deep

Step 3: Enable Real-Time Protection

Guard runs as a daemon, monitoring your system 24/7 with Sigma and YARA rules.

Terminal
panguard guard start

[OK] Guard daemon started

[OK] Watching 12 network interfaces

[OK] Sigma rules: 3,155 loaded

[OK] YARA rules: 423 loaded

[OK] Baseline learning: active (7 days)

Step 4: Set Up Notifications

Panguard Chat sends you plain-language notifications when threats are detected and resolved.

Terminal
panguard chat config
# Follow the prompts to connect Slack, LINE, or Telegram

Step 5: Understanding Scan Results

Every scan produces a security score, grade, and detailed findings. Here's how to read them.

Score: Security Score (0-100): 0 = critical risk, 100 = fully protected. Anything below 60 needs immediate attention.

Grade: Grade: A (90+), B (75-89), C (60-74), D (40-59), F (below 40). Target grade B or higher.

Findings: Findings are sorted by severity: Critical > High > Medium > Low. Fix critical issues first.

Step 6: JSON Output for AI Agents

Panguard is Agent-Native. Use --json to get machine-readable output that AI agents can parse directly.

Terminal
panguard scan --json

When --json is active, no spinners, banners, or colors are output. Pure JSON only.

Example JSON output:

JSON
{
  "version": "0.5.0",
  "target": "localhost",
  "risk_score": 35,
  "grade": "C",
  "findings_count": 8,
  "findings": [ ... ],
  "agent_friendly": true
}

Your AI agent can call Panguard via subprocess and parse the JSON response to make security decisions autonomously.

Step 7: Remote Scanning

Scan any server or domain from outside. Panguard checks open ports, SSL certificates, HTTP headers, and DNS records.

Terminal
panguard scan --target example.com
panguard scan --target 1.2.3.4 --json

Remote scans use Node.js built-in modules only. No nmap required. Combine with --json for automated monitoring.

Step 8: Compliance Reports

Generate ISO 27001, SOC 2, or Taiwan Cyber Security Act compliance reports automatically. Requires Pro plan.

Terminal
panguard report generate --framework iso27001
panguard report generate --framework soc2
panguard report generate --framework tcsa

Supported frameworks: ISO 27001 Annex A, SOC 2 Trust Services Criteria, Taiwan TCSA (ISMS).

Reports can be generated in English or Traditional Chinese. PDF export coming soon.

More CLI Commands

Panguard has a full CLI toolkit. Here are the most useful commands beyond scan and guard.

Check your account and subscription status:

Terminal
panguard whoami

Set up notification channels (LINE, Telegram, Slack, email):

Terminal
panguard chat config

Deploy honeypot services to profile attackers (Pro plan):

Terminal
panguard trap deploy --services ssh,http

List supported compliance frameworks:

Terminal
panguard report list

Check Guard engine status:

Terminal
panguard guard status

What's Next?

Explore the full documentation to customize rules, integrate with CI/CD, or set up compliance reports.

Full DocumentationGitHub