Product
What's the difference between Jibril and Garnet Platform?
What's the difference between Jibril and Garnet Platform?
Jibril = Agent (open source, free)
Garnet Platform = Dashboard to manage agents (paid)You need both for full experience.
Garnet Platform = Dashboard to manage agents (paid)You need both for full experience.
Can I use Jibril without the Platform?
Can I use Jibril without the Platform?
Yes, but you won’t get dashboard, alerts, or multi-agent management. Good for single-server testing only.
How does it compare to Falco?
How does it compare to Falco?
Similar eBPF approach, but Garnet actively blocks threats, not just detects. Also has managed platform option.
What's your pricing?
What's your pricing?
- Free for 3 agents
- $49/agent/month for Pro
- Custom for Enterprise
Technical
What kernel version do I need?
What kernel version do I need?
Linux kernel ≥5.15
What's the performance impact?
What's the performance impact?
<1% CPU overhead, ~50MB RAM per agentDetailed benchmarks →
Does it work on ARM?
Does it work on ARM?
Yes, ARM64 supported.
Can it run without privileged mode?
Can it run without privileged mode?
No. Requires
CAP_BPF + CAP_SYS_ADMIN minimum or privileged: true.Does it work with Istio/service mesh?
Does it work with Istio/service mesh?
Yes, monitors at kernel level, agnostic to service mesh.
What about encrypted traffic?
What about encrypted traffic?
We see connection metadata (IPs, domains, ports) but not payload.
Deployment
How do I upgrade agents?
How do I upgrade agents?
Kubernetes:GitHub Actions:
Update version in workflow file.
Update version in workflow file.
Can I run multiple agents per host?
Can I run multiple agents per host?
No need - one agent monitors entire host.
What happens if agent crashes?
What happens if agent crashes?
Kubernetes/Docker will restart it. No events are lost (buffered).
How do I uninstall?
How do I uninstall?
Kubernetes:Docker:
Security
What data is sent to Garnet Platform?
What data is sent to Garnet Platform?
Process metadata, network metadata, file events. No file contents or secrets.See security details →
Is it SOC 2 compliant?
Is it SOC 2 compliant?
Yes, SOC 2 Type 2 certified.View report →
Where is data stored?
Where is data stored?
- US (AWS us-east-1) by default
- EU region available for Enterprise
How long is data retained?
How long is data retained?
- 7 days (Free)
- 90 days (Pro)
- Custom (Enterprise)
Troubleshooting
Agent not showing in dashboard?
Agent not showing in dashboard?
No detections appearing?
No detections appearing?
This is normal if no threats. Test detection →
Too many false positives?
Too many false positives?
Create allowlist at
dashboard.garnet.ai/settings/allowlistCan’t find your answer? Ask in Discord