The Edge agent is a single signed binary that installs on Linux, Windows, macOS, ARM edge devices and OT gateways. It collects telemetry, runs the on-device AI analyst, and executes response playbooks. Ransomware it contains on its own. Everything else it runs past a human. It deploys into cloud, on-prem, air-gapped and sovereign estates with identical behaviour.
The Edge agent is a single Go binary. No runtime dependencies, no framework installs, no per-platform SDKs. It runs the same way on a modern Windows laptop, a 2011 RHEL 6 manufacturing controller, and an ARM gateway aboard a survey vessel with a six-hour satellite window.
Windows: ETW, Windows Event Log, Sysmon, Defender telemetry, process tree, registry. Signed MSI with optional Group Policy deployment.
Linux: eBPF where available, auditd fallback, systemd-journald, syslog. DEB, RPM and a static musl binary for legacy distributions. Hardened init script for SELinux/AppArmor.
macOS: Endpoint Security Framework, unified log, Gatekeeper events. Signed and notarised PKG.
Edge and OT devices: ARM64, ARMv7, MIPS and x86-legacy builds. Read-only "tap" mode for Windows XP/7 controllers that cannot tolerate agent process pressure.
Maritime. Defence. Mining. Manufacturing. Healthcare device fleets. Remote sites with segmented networks or air-gapped cells. These are estates where the modern cloud-first EDRs either refuse to deploy, cost too much, or require a cloud round-trip that the customer cannot provide. Edge runs there natively.
Ransomware is the only response class where the cost of waiting for a human is worse than the cost of an over-reaction. Edge is configured out-of-the-box to contain ransomware autonomously, with a narrow, well-specified heuristic: rapid entropy climb on user files plus canary file interaction plus shadow-copy deletion. Every other response is gated.
Detect: the entropy monitor flags a process rewriting more than 50 files with high-entropy output, the hidden canary (sentinel) file is modified, and the shadow-copy deletion API is invoked. Three of three signals = ransomware pattern.
Contain: the offending process tree is killed and its file handles released. The suspicious binary is quarantined with a signed hash. The user session is frozen pending review.
Isolate: the host is disconnected from the network at kernel level; only the control-plane connection to Edge is retained, so lateral spread cannot progress.
Propagate: file hash, process hash and C2 indicators are pushed to every other agent in the tenant, and all endpoints block-list them. Where cross-tenant intel propagation is enabled, the pre-emption covers the MSSP's whole book.
Review: a verdict card lands in Slack / Teams / PagerDuty with the cited evidence chain. The analyst reviews it and confirms the eradication path, approves a reimage, or clears a false positive. The outcome verb fires and time-to-contained is recorded.
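The three-of-three gate described above, as an added Go example that is not the product's code. Only the >50-file threshold and the three signals come from the page; the 7.0 bits-per-byte entropy cut-off, the rule that two signals escalate to a human rather than act, and the per-process bookkeeping are assumptions.

```go
package main

import "math"

// ">50 files" is the page's threshold; the 7.0 bits-per-byte cut-off is this example's assumption.
const (
	fileThreshold    = 50
	entropyThreshold = 7.0 // encrypted or compressed output sits close to 8.0
)

// ShannonEntropy returns bits per byte of buf (0 for empty input).
func ShannonEntropy(buf []byte) float64 {
	var counts [256]float64
	for _, b := range buf {
		counts[b]++
	}
	h, n := 0.0, float64(len(buf))
	for _, c := range counts {
		if c > 0 {
			h -= c / n * math.Log2(c/n)
		}
	}
	return h
}

// ProcessState accumulates the three signals for one process tree.
type ProcessState struct {
	HighEntropyRewrites int  // user files rewritten with high-entropy output
	CanaryTouched       bool // hidden sentinel file modified
	ShadowCopyDeleted   bool // shadow-copy deletion API invoked
}

// ObserveWrite counts a user-file rewrite whose new content looks encrypted.
func (p *ProcessState) ObserveWrite(content []byte) {
	if ShannonEntropy(content) >= entropyThreshold {
		p.HighEntropyRewrites++
	}
}

// Classify applies the gate: "AUTO" (three of three) is the only autonomous outcome,
// "HUMAN" (two of three, an assumption here) raises a verdict card, "" means no pattern.
func (p *ProcessState) Classify() string {
	hits := 0
	for _, s := range []bool{p.HighEntropyRewrites > fileThreshold, p.CanaryTouched, p.ShadowCopyDeleted} {
		if s {
			hits++
		}
	}
	return map[int]string{3: "AUTO", 2: "HUMAN"}[hits]
}
```

Note that exactly 50 high-entropy rewrites does not satisfy the ">50" signal, so a process with canary and shadow-copy hits but only 50 rewrites is escalated, not contained.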
Autonomous response beyond ransomware is a shorter-term cost saving and a longer-term incident. An agent that quarantines the wrong account at 03:00 is the kind of story that ends product evaluations. Edge deliberately ships with a narrow autonomy surface and a wide human-gated surface. You can broaden it per playbook, per tenant, per time-window. But the default is conservative on purpose.
Every response action outside ransomware containment is a human-gated button. The agent pre-composes the action, the AI analyst pre-writes the justification, and a named operator approves. Each approval produces an audit record with the operator identity, the chat thread, the verdict ID and the time-to-execute.
| Action | Default mode | Typical approver | Audit artefact |
|---|---|---|---|
| Ransomware containment | AUTO | None (platform) | Signed autonomous-action log |
| Host isolation | HUMAN | SOC tier-two | Chat approval + operator ID |
| Credential revoke / session kill | HUMAN | SOC tier-two + IAM team | Dual-approval chat thread |
| Firewall / DNS block | HUMAN | Network operations | Change-ticket link + operator ID |
| Endpoint reimage | HUMAN | Endpoint operations manager | Business-unit notification + sign-off |
| Cloud resource quarantine | HUMAN | Cloud-platform owner | CSP audit log + tenant approval |
The default modes are starting points, not commitments. Each action has a tenant-level and business-unit-level override. Autonomy can be extended, for example, for well-understood malware families in out-of-hours windows, with a tripwire that reverts to human gating on anomaly detection.
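An added Go example, not the product's own code, of the gating in the table and the override rules above: a platform default, a tenant or business-unit override, an anomaly tripwire that reverts a widened action to human gating, and distinct named approvers for dual-approval actions. Action names, approval counts and the one-vote-per-operator rule are assumptions.

```go
package main

import "errors"

// Gate is one row of the table: the mode and how many distinct named approvers the HUMAN path needs.
type Gate struct {
	Mode         string // "AUTO" or "HUMAN"
	MinApprovals int    // counts used with this example are assumptions, not product settings
}

// Policy layers a tenant or business-unit override on the platform default; Anomaly is the tripwire.
type Policy struct {
	Default, Override map[string]Gate
	Anomaly           bool
}

// Resolve returns the effective gate. While Anomaly is set, an override that widened autonomy
// is ignored; an unknown action gets the zero Gate, whose empty mode can never execute.
func (p Policy) Resolve(action string) Gate {
	base := p.Default[action]
	ov, ok := p.Override[action]
	if !ok || (p.Anomaly && ov.Mode == "AUTO" && base.Mode != "AUTO") {
		return base
	}
	return ov
}

// Approval is one named operator's click in the chat thread for one verdict.
type Approval struct{ Operator, VerdictID string }

// Authorize releases a pre-composed action and returns the operator identities for the
// audit record, or an error when the gate is not satisfied.
func Authorize(p Policy, action, verdictID string, approvals []Approval) ([]string, error) {
	g := p.Resolve(action)
	if g.Mode == "AUTO" {
		return []string{"platform"}, nil
	}
	seen := map[string]bool{}
	var operators []string
	for _, a := range approvals {
		if a.VerdictID == verdictID && !seen[a.Operator] { // this verdict only, one vote per operator
			seen[a.Operator] = true
			operators = append(operators, a.Operator)
		}
	}
	if g.Mode != "HUMAN" || len(operators) == 0 || len(operators) < g.MinApprovals {
		return nil, errors.New("not authorised: " + action) // HUMAN always needs a named operator
	}
	return operators, nil
}
```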
Every response playbook is a YAML file in Git. Changes flow through pull request. Behaviour is deterministic, diffable and can be rolled back. A ransomware-containment workflow that a competitor would bury inside a proprietary drag-and-drop canvas is, in Edge, a thirty-line file your platform team reviews like any other infrastructure change.
Connectors are first-class. Slack, Teams, PagerDuty, ServiceNow, Jira, CyberArk, Okta, Azure AD, Cloudflare, Palo Alto, Fortinet, Cisco ISE, AWS, GCP, Azure. Every connector has an idempotent action schema, a dry-run mode, and a rollback path. The platform team does not write glue code; it composes playbooks.
Infrastructure as code: Terraform modules for AWS, Azure, GCP. Helm charts for Kubernetes. Ansible playbooks for bare metal and VMware. TLS certificate automation via Let’s Encrypt or your internal CA.
Endpoint management: ships with Group Policy, Intune, Jamf, Ansible, Chef, Puppet and SaltStack integrations. Single config file per estate. Auto-updating with signed binaries and tenant-scoped version pinning.
Air-gapped: full offline installer with bundled models, bundled signed images and a bundled update channel. Update cadence is controlled by your SCIF policy, not our release train.
Sovereign: single-tenant in your region, your cloud account, your hardware. Zero vendor access to your data. Signed binaries verifiable against a hash published to a public transparency log.
A security agent with a large privilege surface is itself a high-value target. Edge is architected on the assumption that the next supply-chain attack will target a vendor like us. The mitigations below are the baseline, not the premium tier.
Customers are encouraged to run adversarial review against their Edge deployment, including attempts to tamper with the agent, to spoof the control plane, to execute unauthorised playbook variants, and to exfiltrate via the telemetry channel. Findings are disclosed through the customer bug-bounty programme with standard vendor SLAs.