WNC Launches WNC Guard — Our Own Desktop Security Monitor for Every Team Member
· WNC Engineering
Every company talks about security. We decided to build it.
Today we're releasing WNC Guard — a lightweight desktop application that gives every team member real-time visibility into what's happening on their machine. No cloud dashboards, no third-party agents phoning home, no enterprise sales calls. Just a tool we built for ourselves and now ship to our entire team.
Why We Built It
Modern development means dozens of tools, packages, and services running on your laptop at any given moment. Any one of them could be leaking credentials, connecting to unexpected servers, or pulling in a compromised dependency. We wanted answers to three simple questions:
- What is my machine connecting to right now?
- Are there leaked secrets in my local repositories?
- Do my project dependencies have known vulnerabilities?
No existing tool answered all three without requiring an IT department to deploy and manage it. So we built one.
How It Works
WNC Guard has two parts: a background daemon written in Rust and a desktop UI built with Tauri.
The daemon runs silently and does three things:
Network Monitoring
Continuously polls outbound connections and logs every process that's talking to the internet. You can see which app connected to which host, on which port, using which protocol. Nothing is blocked — it's alert-only by design.
Secret Scanning
Walks your local git repositories and runs gitleaks to detect accidentally committed API keys, tokens, passwords, and other credentials. Findings are surfaced in the UI with the exact file, line, and match.
Dependency Auditing
Discovers package manifests (package.json, Cargo.toml, requirements.txt, go.mod, etc.) and runs osv-scanner to check every dependency against the OSV vulnerability database. You see which packages are affected and what the fix version is.
All data stays on your machine. Nothing leaves your workstation.
Cross-Platform
WNC Guard runs on macOS (Apple Silicon and Intel), Windows, and Linux. The Rust daemon handles platform-specific differences under the hood — lsof on macOS, ss on Linux, netstat on Windows — so the experience is consistent everywhere.
Install it, let it run, and check the dashboard when you want to see what's going on. Or don't — the daemon is designed to be invisible until you need it.
Available Now
Every WNC team member required to download WNC Guard from the Security section of the Employee Portal. It's also available as a direct download:
- macOS (Apple Silicon & Intel) — .dmg
- Windows — .msi
- Linux — .AppImage
"We don't think security should be something that only the IT team worries about. WNC Guard puts visibility directly in the hands of the people writing the code."
— Daniel Nikulshyn, CEO
What's Next
WNC Guard v0.1.0 is observational — it watches and reports, but never blocks or modifies anything. Future versions will add configurable allow/deny lists for network connections, scheduled scan reports sent to your email, and integration with our admin portal for company-wide security posture visibility.