Agentic Security — AI Detection & Response (AIDR)

Endpoint-native AIDR for Cursor, Claude Desktop, Claude Code, Codex, and OpenClaw

Endpoint-native AI Detection & Response for coding agents. EDAMAME observes each agent from outside, at the endpoint boundary, with no plugin or SDK inside the agent. Prove behavior on the host: EDAMAME Security and EDAMAME Posture score divergence between declared intent and live activity and surface attack-pattern findings such as credential harvest and token exfiltration. Then enforce: when a critical finding or divergence verdict lands, EDAMAME Hub pulls that host from your IdP and provider allow-lists in real time. Agent inventory, reach, and history live in Agentic Posture Visibility.

Why AIDR

Static hardening matters. AIDR is the missing layer.

Poisoned tools, compromised plugins, and opportunistic agentic coding are emerging risks: a coding agent can drift from its declared task while staying inside nominal policy boundaries, and a compromised dependency can harvest secrets while the package chain still looks legitimate. EDAMAME has flagged attack patterns such as the axios npm RAT, the tj-actions/changed-files GitHub Actions compromise, and the litellm PyPI takeover. EDAMAME does not ask a language model to guess what happened. As an endpoint-native AIDR layer, it observes each agent from outside the agent, starts from high-quality host signals, then applies AI to interpret, explain, and remediate. It scores divergence between declared intent and observed behavior from endpoint truth, and uses the same telemetry to detect attack-pattern findings — what code opens, spawns, and sends.

Static setup is not enough

Signed tools, sandboxing, least-privilege installs, and scoped permissions reduce exposure before runtime. That setup still stops short of describing what the agent does once execution starts.

Runtime drift still happens

An agent can read external content, use allowed tools, or load a poisoned plugin and still stay inside the nominal setup while moving away from the original task.

System truth closes the gap

Unexpected traffic, new processes, file changes, posture drift, and sensitive-file access are the host-side ground truth. The same evidence makes divergence visible and attack-pattern findings actionable.

Fleet and endpoint

Prove on the host. Isolate from the Hub.

EDAMAME splits the workload into posture you can automate and verification you can trust: anchor every runner, server, or workstation, then reconcile declared coding-agent intent with observed processes, filesystem, traffic, and posture signals while detecting compromised behavior through attack-pattern findings such as credential harvest and token exfiltration. The moment an attack pattern or a divergence verdict lands, EDAMAME Hub automatically isolates the compromised agent host — pulling it from your IdP and provider allow-lists in real time. Agent discovery and inventory live in Agentic Posture Visibility.

Harden the runner or agent host

Use EDAMAME Posture on CI/CD runners, servers, and self-hosted agent hosts such as OpenClaw; then reconcile the systems EDAMAME Hub identified as unmanaged with deterministic posture proofs on those machines.

• Continuous posture monitoring and scoring

• Automated hardening and policy gates

• L7 traffic visibility and escalation

• Strong foundation for self-hosted agents

Verify intent on the host

Intent evidence starts at the workstation or host. EDAMAME ingests agent-native signals beside process, file, network, and posture observations, then turns drift into attributable evidence. The same host stream feeds attack-pattern findings when code touches sensitive paths or exfiltrates tokens.

• Intent evidence: declared task and session context

• Host truth: processes, files, network, and posture

• Divergence score with an evidence trail

• Attack-pattern findings from live host telemetry

Self-hosted agents

Secure runners, build hosts, and OpenClaw servers

EDAMAME Posture secures the infrastructure behind agentic work: CI/CD runners, isolated VMs, and self-hosted coding-agent hosts. Harden the substrate; runtime verification then reconciles declared agent work with what those machines actually observe, while attack-pattern findings detect compromised packages, credential harvest, and anomalous exfiltration from the same telemetry.

Runner and build-host hardening

Patch, firewall, encryption, remote-access, and endpoint checks keep build infrastructure trustworthy before secrets or repositories are touched.

OpenClaw-ready host posture

Deploy the same CLI and posture controls on OpenClaw servers and isolated agent VMs before you rely on unattended agents. Verification attaches cleanly at the host.

Automatic isolation, not just alerts

Once an attack pattern or a divergence verdict is detected, the device score degrades and EDAMAME Hub conditional access automatically isolates the compromised agent host — revoked from your IdP and provider allow-lists in real time, with human-in-the-loop escalation to inspect the evidence.

Choose your surface

Secure the agent surface you use today

Once anchored, every host produces divergence evidence and attack-pattern findings across Cursor, Claude Desktop, Claude Code, Codex, and self-hosted OpenClaw — and a compromised one is isolated automatically. Start from the agent inventory in Agentic Posture Visibility to know which hosts to anchor first.

Secure Cursor and Codex on the developer workstation

Cursor and OpenAI Codex run on EDAMAME-secured workstations that EDAMAME Hub inventories fleet-wide. Correlate IDE activity with posture, filesystem, and network telemetry to score divergence and surface attack-pattern findings.

Bring runtime monitoring to Claude Desktop and Claude Code

Instrument Claude Desktop sessions and Claude Code workflows with workstation-level telemetry. Agent-native cues and host truth stay aligned while attack-pattern checks watch for sensitive-file access and exfiltration behavior.

Protect self-hosted OpenClaw environments

Harden OpenClaw servers and VMs with EDAMAME Posture, then add runtime verification and attack-pattern findings through the package, plugin bundle, and provisioning flow.

Read the white paper

Read the security section of the white paper, deploy EDAMAME Posture, and roll out the Cursor, Claude Desktop, Claude Code, Codex, and OpenClaw packages to verify divergence, detect attacks, and isolate compromised agent hosts automatically.
