ACTIVE
Systems
WasmSentinel
Lightweight real-time threat detection tool using WebAssembly for high-performance security
// DESCRIPTION
WasmSentinel provides real-time security monitoring, using a WebAssembly sandbox environment for safe and efficient rule execution.
Architecture
- Host: Go-based event collection and orchestration
- Rules: Rust-compiled Wasm modules for detection logic
- Collection: eBPF-based kernel event capture
- Runtime: Wasmtime for secure rule execution
Deployment Options
- Standalone Docker container
- Kubernetes DaemonSet for cluster-wide protection
- Prometheus metrics for monitoring
Detection Capabilities
File system monitoring, network analysis, process behavior, and custom rule support.
// HIGHLIGHTS
- Production-ready v1.0 release
- Live demo available
- Comprehensive test suite with attack simulations
- Kubernetes native deployment