Vigil

Telemetry & Drift Detection

Production

Purpose

Vigil collects process-level signals in a non-blocking manner. It establishes behavioral baselines and detects early deviations.

Without behavioral baselines, operational anomalies and genuine threats are indistinguishable. Longitudinal telemetry with context is needed.

Process-level telemetry

Non-blocking signals with minimal footprint (< 40MB RAM). Rate-limited collection.

Behavioral baselines

Statistical modeling over weeks of data. Early deviation detection.

Drift detection

Identification of gradual behavioral changes that static rules would miss.

Longitudinal data

Data retention for weeks to establish patterns and detect subtle anomalies.

Cross-endpoint correlation

Multi-agent signal aggregation to reveal distributed attack patterns.

Forensic readiness

Complete context for post-incident analysis. Every signal includes origin metadata.