HN Showcase
Back to browse
GitHub Repository

The security agent that fights back. Watches your Linux server from inside, detects threats with kernel-level eBPF, and stops them with on-device AI. Open-source, self-hosted, dry-run by default. Apache-2.0.

157 starsRust

Inner Warden – Self-Defending Security Agent: eBPF+LSM+XDP (Rust, 29MB)

by maiconburn·Mar 21, 2026·2 points·0 comments
Visit ProjectView on HN

AI Analysis

●●●BangerWizardrySolve My ProblemDark Horse

Six eBPF kernel programs block attacks at wire-speed before Falco even sees them.

Strengths
  • XDP blocking happens at kernel level, not userspace — genuine wire-speed response
  • Nineteen stateful detectors catch privilege escalation and container escapes automatically
  • Optional AI recommendations keep autonomous responses auditable and reversible
Weaknesses
  • Linux and macOS only — no Windows support limits enterprise adoption significantly
  • Autonomous security responses risk false positives in production without careful tuning
Category
Security
Target Audience

DevOps engineers, security teams, system administrators

Similar To

Wazuh · Falco · OSSEC

Similar Projects

Security●●Solid

Rust EDR Agent for Linux with eBPF and macOS

Rust EDR with eBPF on Linux competes against CrowdStrike and Wazuh.

WizardryNiche Gem
irqlevel
102mo ago
Security●●●Banger

ClawShield – Open-source security proxy for AI agents (Go, eBPF)

Defense-in-depth AI agent firewall: proxy + eBPF kernel + three-tier injection detection.

WizardrySolve My Problem
sleuthco
223mo ago