
Installation

ORES ships three deployment artifacts — choose the one that fits your workflow:

| Artifact | What it does | Best for |
| --- | --- | --- |
| ores CLI | Evaluate risk from the terminal | Scripts, CI pipelines, local triage |
| oresd daemon | Long-running HTTP/ConnectRPC service | SIEM, SOAR, ticketing integrations |
| ores.wasm module | Portable WASI binary | Browsers, edge runtimes, sandboxed envs |

You can also embed the scoring engine directly as a Go library — no subprocess or network call needed.


CLI (ores)

The ores CLI evaluates risk signals from the terminal, scripts, and CI pipelines.

Prerequisites

None. The CLI is a single, statically linked binary with zero runtime dependencies.

The fastest way to install on macOS or Linux:

brew install rigsecurity/tap/ores

Verify:

ores version

On Windows, use Scoop:

scoop bucket add rig https://github.com/rigsecurity/scoop-bucket
scoop install ores

Verify:

ores version

Native packages for Debian/Ubuntu and Fedora/RHEL are attached to every GitHub release.

Debian/Ubuntu:

curl -LO https://github.com/rigsecurity/ores/releases/latest/download/ores_0.2.0_linux_amd64.deb
sudo dpkg -i ores_0.2.0_linux_amd64.deb

Fedora/RHEL:

curl -LO https://github.com/rigsecurity/ores/releases/latest/download/ores_0.2.0_linux_amd64.rpm
sudo rpm -i ores_0.2.0_linux_amd64.rpm

Verify:

ores version

If you have Go 1.25+ on your machine:

go install github.com/rigsecurity/ores/cmd/ores@latest

Make sure $GOPATH/bin is on your PATH

The binary lands in $GOPATH/bin (typically ~/go/bin). Add it to your shell profile if it is not there already:

export PATH="$PATH:$(go env GOPATH)/bin"

Verify:

ores version

Pre-built binaries for Linux, macOS, and Windows are attached to every GitHub release.

Linux (amd64):

curl -Lo ores https://github.com/rigsecurity/ores/releases/latest/download/ores_linux_amd64
chmod +x ores
sudo mv ores /usr/local/bin/ores

macOS (arm64):

curl -Lo ores https://github.com/rigsecurity/ores/releases/latest/download/ores_darwin_arm64
chmod +x ores
sudo mv ores /usr/local/bin/ores

macOS (amd64):

curl -Lo ores https://github.com/rigsecurity/ores/releases/latest/download/ores_darwin_amd64
chmod +x ores
sudo mv ores /usr/local/bin/ores

Download ores_windows_amd64.exe from the releases page and place it somewhere on your %PATH%.

Verify:

ores version

From source:

git clone https://github.com/rigsecurity/ores.git
cd ores
task build          # builds CLI + daemon

Binaries land in the bin/ directory.

Build prerequisites

Building from source requires Go 1.25+ and Task. See Contributing: Development for the full setup guide.

Verify:

./bin/ores version

Daemon (oresd)

The oresd daemon exposes a long-running ConnectRPC / HTTP service. Use it to integrate ORES into SIEM, SOAR, ticketing, or any system that can make HTTP calls.

docker pull ghcr.io/rigsecurity/oresd:latest
docker run -p 8080:8080 ghcr.io/rigsecurity/oresd:latest

Pin to a specific release for production

docker run -p 8080:8080 ghcr.io/rigsecurity/oresd:0.2.0

Verify:

curl -s http://localhost:8080/healthz
# 200 OK

Go install:

go install github.com/rigsecurity/ores/cmd/oresd@latest

Verify:

oresd &
curl -s http://localhost:8080/healthz
# 200 OK

Native packages include a systemd service file for easy deployment:

Debian/Ubuntu:

curl -LO https://github.com/rigsecurity/ores/releases/latest/download/oresd_0.2.0_linux_amd64.deb
sudo dpkg -i oresd_0.2.0_linux_amd64.deb
sudo systemctl enable --now oresd

Fedora/RHEL:

curl -LO https://github.com/rigsecurity/ores/releases/latest/download/oresd_0.2.0_linux_amd64.rpm
sudo rpm -i oresd_0.2.0_linux_amd64.rpm
sudo systemctl enable --now oresd

Verify:

curl -s http://localhost:8080/healthz
# 200 OK

Pre-built binaries:

Linux (amd64):

curl -Lo oresd https://github.com/rigsecurity/ores/releases/latest/download/oresd_linux_amd64
chmod +x oresd
sudo mv oresd /usr/local/bin/oresd

macOS (arm64):

curl -Lo oresd https://github.com/rigsecurity/ores/releases/latest/download/oresd_darwin_arm64
chmod +x oresd
sudo mv oresd /usr/local/bin/oresd

Verify:

oresd &
curl -s http://localhost:8080/healthz
# 200 OK
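
The pre-built binary steps above move whatever the release URL served straight into /usr/local/bin. As an added example (not part of the ORES documentation), this helper checks a downloaded ores or oresd binary against a SHA-256 digest you have pinned before installing it. The function names and the expected-digest argument are assumptions, and the digest must come from a source you trust.

```shell
#!/bin/sh
# Added example: verify a downloaded release asset against a pinned SHA-256
# digest before installing it. The expected digest is an assumption: it is a
# value you obtain out of band, not something taken from the ORES docs.

# sha256_of FILE -> prints the lowercase hex SHA-256 of FILE.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'   # macOS fallback
  fi
}

# verify_sha256 FILE EXPECTED_HEX -> 0 if the digest matches, 1 otherwise.
verify_sha256() {
  expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  # Reject anything that is not exactly 64 hex characters (for example an
  # unset variable), so a missing pin can never pass by accident.
  case "$expected" in
    *[!0-9a-f]*|'') return 1 ;;
  esac
  [ "${#expected}" -eq 64 ] || return 1
  actual=$(sha256_of "$1") || return 1
  [ "$actual" = "$expected" ]
}

# install_verified FILE EXPECTED_HEX DEST -> copies FILE to DEST with mode
# 0755 only after the digest check passes; deletes FILE on mismatch.
install_verified() {
  if verify_sha256 "$1" "$2"; then
    install -m 0755 "$1" "$3"
  else
    echo "digest mismatch for $1, refusing to install" >&2
    rm -f -- "$1"
    return 1
  fi
}

# Usage, after the curl download (the digest below is a placeholder):
#   sudo sh -c '. ./verify.sh; install_verified ores "<pinned-sha256>" /usr/local/bin/ores'
```
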

WASM Module (ores.wasm)

The WASM module lets you embed the ORES engine directly in browsers, edge runtimes, Node.js, Python, or any environment that supports the WASI preview 1 interface.

Runtime requirement

You need a WASI-compatible runtime such as wasmtime, or the Node.js / Python wasmtime package.

Step 1 — Download the module:

curl -Lo ores.wasm https://github.com/rigsecurity/ores/releases/latest/download/ores.wasm

Step 2 — Install a WASI runtime (if you don't have one):

curl https://wasmtime.dev/install.sh -sSf | bash

Or, with Homebrew:

brew install wasmtime

Step 3 — Verify:

echo '{"apiVersion":"ores.dev/v1","kind":"EvaluationRequest","signals":{"cvss":{"base_score":7.5}}}' \
  | wasmtime ores.wasm

Build WASM from source

git clone https://github.com/rigsecurity/ores.git && cd ores
task build:wasm

The module is written to bin/ores.wasm.


Go Library

Embed the ORES engine directly in your Go application — no subprocess, no network call.

go get github.com/rigsecurity/ores

The primary entry point is the engine package:

import "github.com/rigsecurity/ores/pkg/engine"

eng := engine.New()
result, err := eng.Evaluate(ctx, req)

Full integration walkthrough

See the Go Library Guide for a complete, production-ready example.


Quick Reference

| Method | Command | Platforms |
| --- | --- | --- |
| Homebrew | brew install rigsecurity/tap/ores | macOS, Linux |
| Scoop | scoop install ores | Windows |
| deb / rpm | Download from Releases | Linux |
| Go install | go install .../cmd/ores@latest | Any (needs Go) |
| Pre-built binary | Download from Releases | All |
| Docker (daemon) | docker run ghcr.io/rigsecurity/oresd | All |
| Go library | go get github.com/rigsecurity/ores | Any (needs Go) |
| From source | git clone + task build | Any (needs Go) |

Next up: Quickstart — score your first vulnerability in 60 seconds