Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.garnet.ai/llms.txt

Use this file to discover all available pages before exploring further.

Garnet architecture: deploy Jibril, monitor runtime behavior, assert and publish verdicts
Jibril is the eBPF sensor on the host — observes syscall-level network, process, and file activity with lineage and timing. The control plane ingests that telemetry, evaluates runtime checks, and publishes verdicts to the dashboard, GitHub, and webhooks. More on Jibril at jibril.garnet.ai.

eBPF safety

Jibril needs privileged access to attach eBPF programs. Programs are kernel-verified, run in a restricted sandbox, and cannot perform arbitrary writes. Host isolation is preserved.

GitHub Actions

Add the action to your workflow.

Kubernetes

Deploy as a DaemonSet.