Skip to main content

The nullplatform agent

The nullplatform agent is a lightweight service you can run anywhere, from your laptop to a Kubernetes cluster. It connects your environment securely to the nullplatform API, so you can automate tasks, monitor scopes and services, trigger actions, and handle event-based notifications—all without exposing your infrastructure.

This setup is privacy-first: your data stays in your cluster. Only minimal metadata and telemetry are sent to nullplatform.

How it works

The agent is a small binary that can run in many ways—on your local machine, in a container, or on a Kubernetes cluster (via Helm, Docker, or just the binary). Here's what it does:

  • Authenticates with the nullplatform API using your API key
  • Registers itself with optional tags (e.g. environment:dev, team:secops)
  • Polls the API for matching tasks, scopes, or triggers
  • Runs matching commands or workflows inside your environment
  • Optionally sends logs, telemetry, and results back to nullplatform

🔒 The agent is outbound-only — you don’t need to open any firewall ports or expose your cluster.

Minimal flow

Key features at a glance

FeatureDescription
Tag-based routingAgents only respond to tasks that match their tags
Secure API integrationUse API keys with fine-grained access
Notification channelsRun local scripts in response to platform events, using a git-audited flow
Flexible runtime optionsDeploy the agent using Helm (K8s), Docker, binary, or serverless (e.g. Lambda)
ObservabilityCapture logs, exit codes, and outputs from workflows inside your infra. (Note: the agent itself doesn’t expose internal monitoring)
Multiple deployment modelsUse in local dev (e.g. Minikube), cloud environments (e.g. EKS, GKE), or CI/CD pipelines

What the agent unlocks

Once the agent is installed, it becomes the link between nullplatform and your infrastructure. Here’s what it lets you do:

  • Control your scopes directly in your environment
    Launch tasks like security scans or provisioning workflows directly inside your infra.

  • Connect platform events to your systems
    Trigger commands in containers, virtual machines, or other systems when something happens on the platform.

  • Use custom actions without extra glue code
    Respond to events (like deployments or job completions) with local scripts—no brittle webhooks required.

  • Manage internal services
    Link the platform to services or APIs running inside your infrastructure.

  • Send back telemetry and task results
    Capture logs, outputs, and task status from your local runs and send them to the platform UI.

  • Keep sensitive data local
    Everything runs on-prem—no data leaves your infra unless you choose to share logs or outputs.

What’s next

Explore the following pages to learn more:

  • Installation: Install the agent with Helm and verify it's working
  • Deployment options: Run the agent via Helm, Docker, binary, or Lambda
  • Notification channels: Let platform events trigger your local scripts
  • Use cases: Examples of what the agent can do, including scopes, telemetry, automation, and compliance