🛡️ Privacy, security & compliance

Self-securing host — autonomous security watchdog ★ Preview

⚠ This capability is on the roadmap and is not yet a live, sold feature.

Every install continuously monitors and defends its own host — reversible containment in seconds, irreversible actions kept behind an operator gate.

Every installation continuously monitors and defends its own host (guest Linux/Windows/macOS and internet-facing servers) and keeps the OS, apps, UAML and amemor-ai patched. Event-driven detection turns incidents into reversible auto-containment within seconds — ban a brute-force IP, close a rogue public port, isolate a tunnel, apply a security patch within SLA — while irreversible actions stay behind an operator gate. Everything goes into a tamper-evident, off-node-replicated audit chain (logs survive host compromise). Autonomy is bounded by scoped, expiring, revocable policy plus a circuit breaker, a control-plane invariant (it never locks you out of SSH) and a global kill-switch; a continuous threat posture (green→black) self-tunes the thresholds. No port is left public and open. Three independent gates, nothing destructive autonomously. Code complete (P0–P4) and shadow-verified on production, with autonomous responses enabled in phases.