Spyderbat Platform Architecture

Delivered via a continuous stream processing engine, the solution's architectural components produce complete and accurate traces at scale.

  • Spyderbat Nano Agent

    uses Linux eBPF to record ground-truth data, including every system interaction, user session, network connection, process, and file access.

  • The Universal Causal Graph

    continuously assembles ground-truth data into a living temporal graph, a ‘Google Maps’ of each activity seen in context with its causal outcomes.

  • Flags

    identifying MITRE ATT&CK techniques, or third-party alerts received via API, are seen in context on the Universal Causal Graph.

  • Spydertraces

    continuously assesses each trace on the Universal Causal Graph with any new causal activity for early and accurate detection.

Scroll down to see more
Spyderbat Platform Architecture
Linux Runtime Security

Accuracy, Speed, Completeness

Spyderbat's architecture enables a fundamental shift. Instead of individual alerts, suspicious activities are seen in their full context. It enables organizations to focus on what matters, with immediate and complete results. Take the shift and try Spyderbat now.


Use cases