Welcome to Apiary
Your tenant is ready. Deploy your first agent to start seeing live telemetry — a known-bad dependency raises an alert automatically, no setup required.
Welcome
Your supply-chain & runtime security console — telemetry, detections, and fleet health in one place.
| Kind | Detail | Endpoint | When |
|---|
Alerts
Detections raised across your fleet — most severe first.
| Severity | Title | Rule | Status | Count | Last seen |
|---|
Event stream
All ingest events from enrolled endpoints —
| Type | Host | Summary | Observed |
|---|
Components
Every package installed across your fleet (SBOM) — answer "where is X installed, and at what version".
Evaluations
Dual-axis package scoring across the fleet — security verdict and maturity grade, never collapsed. Most concerning first.
| Package | Ecosystem | Version | Endpoint | Security | Maturity | Risk | Gate | Last seen |
|---|
Prompts
Prompts captured on the way to AI tools across your fleet — scored by ML for injection, jailbreak, secret/PII leakage, and malicious intent. Riskiest first. Secrets are redacted at the endpoint.
| Prompt | Tool | Categories | Risk | Secrets | Endpoint | Captured |
|---|
Applications
Installed applications across your fleet, ranked by risk score.
| Application | Endpoint | Version | Source | Signing | Entitlements | Risk | Last seen |
|---|
AI Security
Live AI Bill of Materials — models, agent configs, and datasets discovered across your fleet.
| Asset | Type | Format / Framework | Risk | Source | Size | Endpoint | Last seen |
|---|
AI Policies
Define what AI components are allowed on your fleet. Violations are flagged automatically.
| Policy | Rule type | Severity | Action | Status | Violations |
|---|
Recent violations
| Asset | Type | Policy triggered | Endpoint | Action | Seen |
|---|
AI Testing & Red Team
LLM evaluations, runtime guardrails, and MCP traffic inspection — with a live OWASP LLM Top 10 / NIST AI RMF / MITRE ATLAS report card.
| Suite | Provider | Cases | Last run | Pass rate |
|---|
Test a prompt or response against the guardrails
Guardrail policy
| Rule | Category | Applies | Severity | Action | Enabled |
|---|
Recent checks
| When | Direction | Verdict | Severity | Triggered | Snippet |
|---|
Inspect an MCP message (tool advertisement, call, or result)
Discovered MCP servers
| Server | Transport | Tools | Risk | Source |
|---|
Recent inspections
| When | Server | Kind | Verdict | Severity | Findings |
|---|
Endpoints
Endpoints reporting into your fleet. Select a row for components, evaluations, and recent telemetry.
| Host | OS | Version | Status | Health | Last seen | Alerts |
|---|
File integrity
Changes to watched files across the fleet — modifications, replacements, and deletions of system and critical paths.
| Path | Change | Class | Endpoint | Hash | Observed |
|---|
Anomalies
Hidden artifacts and masquerades surfaced by runtime heuristics — hidden executables, world-writable scripts, kernel-thread impersonation.
| Path | Kind | Score | Reason | Endpoint | Observed |
|---|
Access management
Manage teammates, roles, and access. SSO onboarding via SAML + SCIM is available when configured.
| Name | Auth | Role | Status | Joined |
|---|
| Role | Type | Members | Description |
|---|
Audit log
Every action, tamper-evident and verifiable end to end with a SHA-256 hash chain.
| Time | Actor | Action | Target | Outcome |
|---|
Settings
Detection rules, alert destinations, feature flags, and suppressions.
Detection rules
What raises an alert. Every org starts with high-signal defaults — tune or add your own.
| Name | Triggers on | Severity | Status |
|---|
Alert destinations
Webhooks fired when an alert is raised. Signed with HMAC-SHA256 when a secret is set.
| URL | Min severity | Signed | Status |
|---|
Feature flags
Per-org entitlements and runtime toggles. Deny-by-default — an unset flag is off.
| Key | Value | Enabled |
|---|
Inbound connectors
Pull security events from Okta, Microsoft Entra ID, or Elasticsearch into the detection pipeline. The same rules and ML triage apply.
| Source | Name | Status | Last poll | Events pulled | Interval |
|---|
Add inbound connector
Muted findings
Suppressions silence known-benign matches. Mute from an alert's detail panel; remove here to un-mute.
| Reason | Match | Rule | Expires |
|---|