System Requirements

This document lists the supported distributions and operating systems (OSs) for the Linux Agent and the Windows Agent. Please ensure your environment is compatible with the supported distributions or OSs.

Important

Due to a known Linux limitation, only one audit socket can be opened at a time to connect to the kernel’s audit system. As a result, any applications that create audit sockets, such as auditd.service, conflict with the Threat Stack Agent over access to the audit system. Please ensure that auditd.service is disabled in your environment or the Threat Stack Agent will not function as expected.

If you need to continue using auditd.service, then we suggest this workaround.

Threat StackⓇ Agent for Linux

Supported Agents

An explanation of the Threat StackⓇ support policy is available in the Threat Stack Support Policy article.

Threat Stack supports the following Agents:

3.1.0 (Host and Containerized). For more information, see Linux Agent Release Changelog.
3.0.0 (Host and Containerized). For more information, see Linux Agent Release Changelog.
2.5.0 (Host and Containerized). For more information, see Linux Agent Release Changelog.

Note

Based on the Threat Stack Support Policy, on August 15, 2020, Threat StackⓇ removed publicly available packages for Linux Agents versions 1.8.0, 1.8.0.C, and all previous versions. Publicly available packages for Linux Agent version 1.9.0 and later remain accessible.

Supported x86 Architecture

Threat Stack validates performance against the supported OS list. Customers who choose to use a different Linux OS will fall outside the Threat Stack Support Policy.

Threat Stack supports the following 64-bit Linux OSs:

Amazon CentOS CoreOS Debian RancherOS RedHat Ubuntu

Supported Versions	Minimum Kernel	Notes
Amazon Linux 2022	5.10	Only supported by Agent 3.x series.
amzn2-20181024	4.14	Only supported by Agent 2.x+ series. Vulnerability Assessment unavailable.
amzn-2018.03	4.14	N/A
amzn-2017.09	4.9.51	N/A
amzn-2017.03	4.9	Only supported by Agent 1.x series.

Supported Versions	Minimum Kernel	Notes
8	4.18	N/A
7	3.10	N/A

Supported Versions	Minimum Kernel	Notes
1745.5	4.14.44	Only supported by Containerized Agent. Vulnerability Assessment unavailable.
1688.5	4.14.32	Only supported by Containerized Agent. Vulnerability Assessment unavailable.
1632.3	4.14.19	Only supported by Containerized Agent. Vulnerability Assessment unavailable.

Supported Versions	Minimum Kernel	Notes
11	5.10	Only supported in the Agent 3.x series. Vulnerability Assessment unavailable.
10 (Buster)	4.19 LTS	Only supported in the Agent 2.x+ series. Vulnerability Assessment unavailable.
9	4.9 LTS	Vulnerability Assessment unavailable.
8	3.16	Container support unavailable. Vulnerability Assessment unavailable.

Supported Versions	Minimum Kernel	Notes
1.5.8	–	Only supported by Containerized Agent 2.4.0 and newer

Supported Versions	Minimum Kernel	Notes
8	4.18.0-80	N/A
7	3.10	N/A

Supported Versions	Minimum Kernel	Notes
22.04	N/A	N/A
20.04	5.4	N/A
18.04	4.15	N/A

Supported ARM 64-bit Architecture

Threat Stack validates performance against the supported OS list. Customers who choose to use a different Linux OS will fall outside the Threat Stack Support Policy.

Threat Stack supports the following ARM 64-bit architecture for AWS Graviton2 processors:

Amazon CentOS Debian RedHat Ubuntu

Supported Versions	Minimum Kernel	Notes
Amazon Linux 2022	5.10	-
amzn2-20181024	4.14	Vulnerability Assessment unavailable.

Supported Versions	Minimum Kernel	Notes
8.2	4.18	N/A

Supported Versions	Minimum Kernel	Notes
11	5.10	Vulnerability Assessment unavailable.
10 (Buster)	4.19 LTS	Vulnerability Assessment unavailable.

Supported Versions	Minimum Kernel	Notes
8.2	4.18.0-80	N/A

Supported Versions	Minimum Kernel	Notes
20.04	5.4	N/A
18.04	4.15	N/A

Supported Containers

Threat Stack offers support for behavior and event monitoring on Docker containers running natively on the host.

Version	Minimum Kernel	Notes
Docker 1.8.0 - 17.03-ce	3.10	Supported for Linux Agent 2.3.3c and newer versions
Docker 1.8.0 - 19.03-ce	3.10	Supported for Linux Agent 2.3.2c and older versions

Threat StackⓇ Agent for Windows Server

Supported Agents

An explanation of the Threat StackⓇ support policy is available in the Threat Stack Support Policy article.

Threat Stack supports the following Agents:

2.3.1w (Host). For more information, see Windows Agent Release Changelog.
2.3.0w (Host). For more information, see Windows Agent Release Changelog.
2.2.3w (Host). For more information, see Windows Agent Release Changelog.

Supported OSs

An explanation of the Threat Stack support policy is available in the Threat Stack Support Policy article.

Threat Stack supports the following Windows Server OSs:

Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
Windows Server 2019
Windows Server 2022

In addition, beginning with the Windows Agent 2.3.0 release, the Agent supports monitoring Windows Application Containers in Kubernetes.

Threat StackⓇ Container Security Monitoring for AWS Fargate

Supported Agents

An explanation of the Threat StackⓇ support policy is available in the Threat Stack Support Policy article.

Threat Stack supports the following versions of the Threat Stack Container Security Monitoring for AWS Fargate:

1.1.1. For more information, see Threat Stack Container Security Monitoring for AWS Fargate Changelog.
1.1.0. For more information, see Threat Stack Container Security Monitoring for AWS Fargate Changelog.
1.0.0. For more information, see Threat Stack Container Security Monitoring for AWS Fargate Changelog.

Supported x86 Architecture

Threat Stack validates performance against the supported distribution list. Customers who choose to use a different Fargate distribution will fall outside the Threat Stack Support Policy.

Threat Stack supports the following 64-bit Fargate distributions:

1.3.0
1.4.0

Supported ARM 64-bit Architecture

Threat Stack validates performance against the supported OS list. Customers who choose to use a different Linux OS will fall outside the Threat Stack Support Policy.

Threat Stack supports the following ARM 64-bit architecture for AWS Graviton2 processors:

1.3.0
1.4.0

Supported OSs

An explanation of the Threat Stack support policy is available in the Threat Stack Support Policy article.

Threat Stack supports the following AWS Fargate distributions:

1.3.0
1.4.0

Threat StackⓇ Application Security Monitoring

Threat StackⓇ AppSec Monitoring supports the following versions of Node.js, Python and Ruby on the following operating systems (OSs):

Node.js Python Ruby

Supported Versions	Supported OS	Minimum Kernel
Node v8 Carbon	Ubuntu	v14 (Trusty Tahr); v16 (Xenial Xerus); v18 (Bionic Beaver)
Node v10 Dubnium	Ubuntu	v14 (Trusty Tahr); v16 (Xenial Xerus); v18 (Bionic Beaver)
Node v12	Ubuntu	v14 (Trusty Tahr); v16 (Xenial Xerus); v18 (Bionic Beaver)

Supported Versions	Supported OS	Minimum Kernel
Python 3.4	Ubuntu	v14 (Trusty Tahr); v16 (Xenial Xerus); v18 (Bionic Beaver)
Python 3.5	Ubuntu	v14 (Trusty Tahr); v16 (Xenial Xerus); v18 (Bionic Beaver)
Python 3.6	Ubuntu	v14 (Trusty Tahr); v16 (Xenial Xerus); v18 (Bionic Beaver)
Python 3.7	Ubuntu	v16 (Xenial Xerus); v18 (Bionic Beaver)
Python 3.8	Ubuntu	v16 (Xenial Xerus); v18 (Bionic Beaver)

Supported Versions	Supported OS	Minimum Kernel
Ruby v2.2.2 and higher, and Rails 5.0.0 and higher	Ubuntu	v16 (Xenial Xerus); v18 (Bionic Beaver)

Supported Browsers

The Threat Stack Cloud Security PlatformⓇ (CSP) supports the latest versions of the following browsers:

Preferred: Google Chrome (latest stable release)
macOS Safari (latest stable release)
Mozilla Firefox (latest stable release)
Microsoft Edge (latest stable release)

Network Access

Threat StackⓇ Agents require outbound access (TCP 443) to communicate to the platform.

app.threatstack.com (TCP 443)
cssensors.threatstack.com (TCP 443)

Review Configure Agent Network Access article for additional whitelisting instructions.

Note

Threat Stack does not support proxying our platform with customer environments.

Important

Note

Note

Table of Contents

Related articles