Most platforms face a bad choice: build custom abuse-fighting infrastructure from scratch, or use closed vendor solutions. We built Osprey to give smaller platforms and communities access to the same quality of tooling that large companies build internally. All of our projects are self-hosted, which means data stays in your own system.
v1.0 is our proven production-ready release. It includes:
- Core rules engine: The rules engine itself lets you write detection logic. Rules can extract features, mutate labels, emit verdicts, and trigger downstream actions.
- Interface for open-ended investigation: The open-ended interface means you can identify new abuse patterns as they emerge. The whole system is designed for high throughput and horizontal scaling.
- Labeling service: human and automated labels on entities (users, IPs, emails) that feed into rules and workflows
- Rust coordinator: horizontal scaling and load balancing across workers via gRPC streams and service discovery
- Event stream: real-time investigation UI with searchable history using our SML (custom python language for safety teams to use if they don't know python or programming languages) query language
License: Apache 2.0
Repo: https://github.com/roostorg/osprey
v1.0 Release notes: https://github.com/roostorg/osprey/releases/tag/1.0
Github Codespace demo (note: if this is not running when you click on it, it probably idled out): https://turbo-fiesta-p46xvxwp4vfwqv-5002.app.github.dev/?sta...
Our FOSDEM talk from last week: https://fosdem.org/2026/schedule/event/U7ABHE-roost-osprey/
Thanks for reading! I'm happy to answer questions, get feedback, or discuss things.