immune

command
v1.0.0

This package is not in the latest version of its module.

Published: Mar 31, 2026 | License: Apache-2.0 | Imports: 14 | Imported by: 0

Documentation

Overview

Package main provides the SENTINEL immune agent (SEC-002 eBPF Runtime Guard).

The immune agent monitors SOC processes at the kernel level using eBPF tracepoints and enforces per-process security policies.

On Linux: loads eBPF programs for syscall/file/network monitoring.

On Windows/macOS: uses process monitoring fallback (polling /proc or WMI).

Usage:

go run ./cmd/immune/ --policy deploy/policies/soc_runtime_policy.yaml
SOC_GUARD_MODE=enforce go run ./cmd/immune/
