Skip to main content
Garnet blocks connections to external destinations in real-time (C2 servers, crypto miners, supply chain threats, known malicious domains). When an agent observes an outbound connection to a blocklisted domain, the packet is dropped at the kernel level.
Network Policies
Garnet ships with managed network policies powered by our threat intelligence—curated blocklists of malicious domains maintained by our security team. Updates automatically. No configuration required.
You can also use network visibility to enrich and inform your own firewall rules. Custom network policies coming soon.
Alerts
Blocked connections appear in Detections with full context. If you’ve configured Slack, you’ll receive an alert for each incident. 
