Quick Start: Deploy a Forwarder

This guide walks you through deploying your first Stairwell forwarder on an endpoint.

Prerequisites

• A Stairwell environment has been created for your organization
• You have a file forwarder authentication token (see Create an authentication token)
• Your network meets the connectivity requirements (forwarder traffic allowed, SSL inspection excluded)

1. Download the forwarder

Log into app.stairwell.com and download the forwarder package for your target OS:

• Windows forwarder
• macOS forwarder
• Linux forwarder

2. Install the forwarder

Run the installer on your target endpoint using the file forwarder token generated for your environment. Follow the OS-specific installation instructions linked above for exact commands and configuration options.

3. Verify the asset appears

After installation, the forwarder registers with Stairwell and begins a breach assessment (back scan) of existing executables on the host. Log into the Stairwell UI, navigate to Assets, and confirm that the new asset appears in the list. Check the Registration time column to verify it registered successfully.

4. Validate file collection

Within a few minutes, files from the endpoint will begin appearing in your environment's object store. You can confirm this by navigating to Search and filtering by the asset name, or by checking the asset's detail page for recent sightings. The initial back scan will process all existing executables on disk; ongoing monitoring will capture new file activity automatically.