Panguard's security pipeline — Detect, Analyze, and Respond — processes threats through deterministic on-device detection: ATR regex rules, behavioral baselines, and on-device correlation, with no LLM in the detection path.
HOW IT WORKS
How Panguard Protects You
Five stages of defense. Deterministic, on-device detection. One command to deploy.
AT A GLANCE
Security that thinks in layers
Each layer catches what the previous one misses. Together, they form a defense system that adapts to your environment.
<50ms -- average detection time
90% -- threats caught by rules alone
7 days -- to learn your normal
FIVE DETECTION STAGES
Five stages that catch what others miss
From static analysis to contextual memory, each stage adds intelligence.
Environment Discovery
Automatically maps your infrastructure: OS, services, open ports, installed packages, running processes.
This is how Panguard learns what "normal" looks like for your specific environment.
Rules Engine
650+ ATR detection rules for AI agent security.
Catches 90% of known threats in under 50ms. No AI needed.
Behavioral Baseline
7-day learning period. Panguard observes your system without acting, builds a model of normal behavior.
Switches to protection mode on day 8. No false positives from day one.
Correlation & Static Analysis
When a single rule can't explain a behavior, the engine cross-correlates signals on-device: AST static analysis of skill code plus temporal correlation against the behavioral baseline.
Fully deterministic and offline. No LLM in the detection path -- the same input always produces the same confidence-scored verdict.
Automated Response
11 response actions: log_only, notify, block_ip, kill_process, disable_account, isolate_file, block_tool, kill_agent, quarantine_session, revoke_skill, reduce_permissions. ATR-specific actions for AI agent threats.
Confidence >= 85%: acts automatically. 50-84%: alerts with evidence and suggests an action. < 50%: logs for investigation. Rate limited: kill_agent 3/min, block_tool 10/min.
DETECTION FUNNEL
Three stages. Deterministic. On-device.
Every stage runs locally and produces a reproducible verdict. Rules first, behavioral analysis second, on-device correlation last -- no LLM in the path.
Rules Engine
Stage 1
- 650+ ATR detection rules
- 10 threat categories
- Pure regex -- fully deterministic
- Community-driven rule updates
<50ms per event
Behavioral Baseline
Stage 2
- Fingerprint & heuristic analysis
- Zero-config -- works out of the box
- Fully offline -- data never leaves
- Flags drift from learned-normal behavior
On-device
Correlation & AST
Stage 3
- AST static analysis of skill code
- Temporal correlation of behavioral signals
- Weighs rule confidence + baseline deviation
- Reproducible confidence-scored verdict
On-device
AGENT PIPELINE
Four Agents. One Investigation Engine.
Each agent has a specialized role. Together, they form an autonomous security team.
DetectAgent
Monitors 5 sources: network, processes, filesystem, system logs, normalized events.
AnalyzeAgent
Correlates alerts, determines severity, maps to MITRE ATT&CK framework.
RespondAgent
Executes response based on confidence threshold. Auto, ask, or notify.
ReportAgent
Generates human-readable incident report, sends via Telegram/Slack/Email.
InvestigationEngine
Deep-dives complex incidents with up to 8-step deterministic correlation playbooks.
AUTOMATED RESPONSE
Eleven actions. Three confidence levels.
Panguard doesn't just detect. It acts -- with ATR-specific response actions for AI agent threats.
Block IP
Cross-platform firewall rule with auto-unblock timer
Kill Process
SIGTERM then SIGKILL with process tree cleanup
Isolate File
SHA-256 hash quarantine with restore capability
Block Tool
Prevent MCP tool invocation (rate limit: 10/min)
Kill Agent
Terminate rogue AI agent session (rate limit: 3/min)
Quarantine Session
Isolate compromised AI agent session from other resources
Revoke Skill
Remove skill from whitelist and block future invocations
Reduce Permissions
Downgrade agent access level to minimum privileges
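The confidence tiers and per-action rate limits described above (automatic at >= 85%, alert-and-suggest at 50-84%, log-only below 50%; kill_agent capped at 3/min and block_tool at 10/min) can be expressed as a small dispatcher. The following is an added example written for this page, not Panguard's own code: the action names, thresholds and limits come from the page, while the sliding 60-second window, the `decide` return shape and what happens when a limit is hit (the action is simply not executed) are assumptions of this example.

```python
"""Confidence-tiered response dispatcher with per-action rate limits.

Added illustration, not Panguard's code. Action names, thresholds and the
two rate limits are taken from the page; the sliding-window design and the
return values are assumptions made for this example.
"""
from collections import deque
import time

# The 11 response actions listed on the page.
ACTIONS = {
    "log_only", "notify", "block_ip", "kill_process", "disable_account",
    "isolate_file", "block_tool", "kill_agent", "quarantine_session",
    "revoke_skill", "reduce_permissions",
}

# Rate limits stated on the page: executions per 60-second window.
RATE_LIMITS = {"kill_agent": 3, "block_tool": 10}

AUTO_THRESHOLD = 85      # >= 85%: automatic
SUGGEST_THRESHOLD = 50   # 50-84%: alert with evidence, suggest action


class RateLimiter:
    """Sliding-window counter keyed by action name (assumed design)."""

    def __init__(self, limits, window_seconds=60.0, clock=time.monotonic):
        self.limits = limits
        self.window = window_seconds
        self.clock = clock
        self.history = {name: deque() for name in limits}

    def allow(self, action):
        """Return True and record the execution if the action is under its limit."""
        if action not in self.limits:
            return True  # action has no limit on the page
        now = self.clock()
        q = self.history[action]
        while q and now - q[0] > self.window:   # drop executions older than the window
            q.popleft()
        if len(q) >= self.limits[action]:
            return False
        q.append(now)
        return True


def decide(confidence, action, limiter, executor=None):
    """Apply the three-tier policy to one verdict.

    Returns a dict with 'tier' (auto | suggest | log), 'executed' (bool) and
    a human-readable 'reason'. `executor`, if given, stands in for the real
    side effect (firewall rule, SIGTERM, ...) and is only called for
    automatic, in-limit actions.
    """
    if action not in ACTIONS:
        raise ValueError(f"unknown response action: {action}")
    if confidence < SUGGEST_THRESHOLD:
        return {"tier": "log", "executed": False,
                "reason": "below 50%: logged for investigation"}
    if confidence < AUTO_THRESHOLD:
        return {"tier": "suggest", "executed": False,
                "reason": f"50-84%: alert with evidence, suggested {action}"}
    # >= 85%: automatic, but still subject to the per-action rate limit.
    if not limiter.allow(action):
        return {"tier": "auto", "executed": False,
                "reason": f"rate limit reached for {action}; not executed"}
    if executor is not None:
        executor(action)
    return {"tier": "auto", "executed": True, "reason": f"executed {action}"}


if __name__ == "__main__":
    limiter = RateLimiter(RATE_LIMITS)
    # Constructed verdicts: four high-confidence kill_agent requests in a burst.
    for conf, act in [(40, "kill_agent"), (70, "kill_agent")] + [(92, "kill_agent")] * 4:
        print(conf, act, decide(conf, act, limiter, executor=lambda a: None))
```

The fourth burst request is refused by the limiter even though its confidence clears the automatic threshold, which is the behaviour the rate limit exists to guarantee: a flood of high-confidence verdicts cannot turn the responder into a denial-of-service tool against the agents it protects.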
7-DAY LEARNING
It watches before it acts.
No false positives from day one. Panguard learns your environment before making decisions.
Day 1-3
Observation
Process baseline, network patterns, file change patterns, user behavior.
Day 4-7
Statistical Modeling
Builds a mean and standard deviation model. Identifies what's truly anomalous.
Day 8+
Protection Mode
Auto-transition to active protection. Continuous learning -- baseline evolves with your environment.
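The learning schedule above (observe only on days 1-7, fit a mean and standard deviation model, act from day 8, keep learning afterwards) is illustrated by the following added example. It is not Panguard's code: the metric name, the z-score threshold of 3.0, the minimum-sample requirement and the choice to keep flagged samples out of the model are all assumptions made here so that the example behaves sensibly on realistic input.

```python
"""Mean / standard-deviation behavioral baseline with a learning period.

Added example, not Panguard's code. The 7-day observation window and the
day-8 switch come from the page; the z threshold, the sample floor and the
rule that flagged values are not folded back into the model are assumptions.
"""
from collections import defaultdict
import math

LEARNING_DAYS = 7     # days 1-7 observe only; protection starts on day 8
Z_THRESHOLD = 3.0     # assumed: flag values more than 3 std devs from the mean
MIN_SAMPLES = 5       # assumed: do not score a metric with fewer samples
MIN_STDDEV = 1e-9     # assumed floor so a constant metric cannot divide by zero


class BehavioralBaseline:
    def __init__(self):
        self.samples = defaultdict(list)   # metric -> values folded into the model
        self.model = {}                    # metric -> (mean, stddev)
        self.current_day = 0

    @property
    def mode(self):
        return "protection" if self.current_day > LEARNING_DAYS else "learning"

    def _refit(self, metric):
        xs = self.samples[metric]
        mean = sum(xs) / len(xs)
        var = sum((x - mean) ** 2 for x in xs) / len(xs)   # population variance
        self.model[metric] = (mean, max(math.sqrt(var), MIN_STDDEV))

    def score(self, metric, value):
        """Return (z_score, anomalous). Always (0.0, False) while learning
        or when the metric has too few samples to be meaningful."""
        if self.mode != "protection" or metric not in self.model:
            return 0.0, False
        if len(self.samples[metric]) < MIN_SAMPLES:
            return 0.0, False
        mean, std = self.model[metric]
        z = (float(value) - mean) / std
        return z, abs(z) > Z_THRESHOLD

    def observe(self, day, metric, value):
        """Record one sample and return (z_score, anomalous).

        In learning mode everything is absorbed and nothing is flagged. In
        protection mode the sample is scored first; a flagged sample is kept
        out of the model so an attack cannot drag 'normal' toward itself
        (an assumption of this example). Unflagged samples keep refitting the
        model, which is the continuous learning the page describes.
        """
        self.current_day = max(self.current_day, day)
        value = float(value)
        z, anomalous = self.score(metric, value)
        if not anomalous:
            self.samples[metric].append(value)
            self._refit(metric)
        return z, anomalous


if __name__ == "__main__":
    # Constructed input: a host that normally opens ~50 outbound connections per hour.
    b = BehavioralBaseline()
    for day in range(1, 8):
        for v in (48, 50, 52, 50):
            b.observe(day, "outbound_connections_per_hour", v)
    print("day 7 mode:", b.mode)
    print("day 8, value 51 ->", b.observe(8, "outbound_connections_per_hour", 51))
    print("day 8, value 400 ->", b.observe(8, "outbound_connections_per_hour", 400))
    print("mode:", b.mode, "model:", b.model)
```

Two details matter in practice. First, the mode switch is keyed on the calendar day, not on the number of samples, so a quiet host with little traffic still leaves observation on day 8 rather than staying blind indefinitely. Second, refusing to fold flagged samples into the baseline is what stops a slow, sustained anomaly from becoming the new normal; a deployment that wants the baseline to follow legitimate change would instead require an operator acknowledgement before absorbing such values.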
OFFLINE-FIRST
Your protection never depends on the network.
Detection runs entirely on-device. Cloud connectivity only affects rule updates -- never detection itself.
Online
All detection stages active and Threat Cloud reachable -- new rules pull automatically every hour.
Cloud Unreachable
Detection unaffected. The full on-device engine keeps running on the rules already compiled locally.
Fully Air-Gapped
No network at all. Rules engine + behavioral baseline + on-device correlation provide full protection.
Emergency
Core watchdog only. If Panguard itself is targeted, it alerts the owner and preserves forensic logs.
Ready to see it in action?
One command. Completely free. No account needed.
$ curl -fsSL https://get.panguard.ai | bash