Install cyscan
Pick whichever method fits your environment. The binary is the same across all three.
Homebrew (macOS, Linux)
brew tap cybrium-ai/cli
brew install cyscan
This also pulls the bundled rule pack so the scanner works out of the box.
Cargo (from source)
Requires Rust 1.75+.
cargo install --git https://github.com/cybrium-ai/cyscan cyscan
With cargo install you'll need to set CYSCAN_RULES to point at a rule pack, since cargo doesn't ship one:
git clone https://github.com/cybrium-ai/cyscan /tmp/cyscan
export CYSCAN_RULES=/tmp/cyscan/rules
Add the export to your shell rc file.
Raw binary
Every release at github.com/cybrium-ai/cyscan/releases ships prebuilt archives for:
aarch64-apple-darwin/x86_64-apple-darwinaarch64-unknown-linux-gnu/x86_64-unknown-linux-gnux86_64-pc-windows-msvc
Each archive contains the cyscan binary + the rules/ directory beside it. cyscan will find the rule pack automatically when they're siblings.
VERSION=0.3.0
TARGET=aarch64-apple-darwin
curl -L "https://github.com/cybrium-ai/cyscan/releases/download/v${VERSION}/cyscan_${VERSION}_${TARGET}.tar.gz" \
-o cyscan.tar.gz
tar xzf cyscan.tar.gz
sudo mv cyscan_*/cyscan /usr/local/bin/
sudo mv cyscan_*/rules /usr/local/share/cyscan/rules
Verifying the binary (Cosign)
Every release artefact is signed with Sigstore's keyless flow. To verify:
VERSION=0.3.0
TARGET=aarch64-apple-darwin
BASE="https://github.com/cybrium-ai/cyscan/releases/download/v${VERSION}"
curl -LO "${BASE}/cyscan_${VERSION}_${TARGET}.tar.gz"
curl -LO "${BASE}/cyscan_${VERSION}_${TARGET}.tar.gz.sig"
curl -LO "${BASE}/cyscan_${VERSION}_${TARGET}.tar.gz.pem"
cosign verify-blob \
--certificate-identity-regexp '^https://github.com/cybrium-ai/cyscan/' \
--certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
--signature cyscan_${VERSION}_${TARGET}.tar.gz.sig \
--certificate cyscan_${VERSION}_${TARGET}.tar.gz.pem \
cyscan_${VERSION}_${TARGET}.tar.gz
A successful verification prints Verified OK. Any other output means the artefact has been tampered with — don't use it.
Docker
No official image yet — build your own:
FROM rust:1.75 AS build
RUN cargo install --git https://github.com/cybrium-ai/cyscan cyscan
RUN git clone https://github.com/cybrium-ai/cyscan /rules
FROM debian:bookworm-slim
COPY --from=build /usr/local/cargo/bin/cyscan /usr/local/bin/
COPY --from=build /rules/rules /opt/cyscan/rules
ENV CYSCAN_RULES=/opt/cyscan/rules
ENTRYPOINT ["cyscan"]
Verify your install
cyscan --version
cyscan rules list | head
The first command should print a semver string. The second should list 20+ rules. If Rules: 0 or the command errors, see the troubleshooting section below.
Troubleshooting
Rules: 0 or rules path does not exist
Cyscan searches in this order:
$CYSCAN_RULESenv var (explicit override)<exe_dir>/rules— tarball layout<exe_dir>/../rules— Homebrew layout<exe_dir>/../share/cyscan/rules— Linux FHS layoutCARGO_MANIFEST_DIR/rules— cargo run fallback
If none match, point $CYSCAN_RULES at the rules/ directory from the cyscan repo.
Homebrew says "No available formula"
You probably didn't tap the cybrium-ai tap. Run:
brew tap cybrium-ai/cli
brew install cyscan