Welcome to Apiary
Your tenant is ready. Deploy your first agent to start seeing live telemetry — a known-bad dependency raises an alert automatically, no setup required.
Explore your console
Security telemetry, detections, and fleet management in one place.
| Kind | Detail | Endpoint | When |
|---|
Alerts
Detections raised across your fleet — newest first.
| Severity | Title | Rule | Status | Count | Last seen |
|---|
Event stream
All ingest events from enrolled endpoints —
| Type | Host | Summary | Observed |
|---|
Components
Every package installed across your fleet (SBOM) — answer "where is X installed, and at what version".
Evaluations
Dual-axis package scoring across the fleet — security verdict and maturity grade, never collapsed. Most concerning first.
| Package | Ecosystem | Version | Security | Maturity | Risk | Gate | Last seen |
|---|
Applications
Installed applications across your fleet, ranked by risk score.
| Application | Platform | Version | Source | Signing | Entitlements | Risk | Last seen |
|---|
AI Security
Live AI Bill of Materials — models, agent configs, and datasets discovered across your fleet.
| Asset | Type | Format / Framework | Risk | Source | Size | Endpoint | Last seen |
|---|
AI Policies
Define what AI components are allowed on your fleet. Violations are flagged automatically.
| Policy | Rule type | Severity | Action | Status | Violations |
|---|
Recent violations
| Asset | Type | Policy triggered | Endpoint | Action | Seen |
|---|
Endpoints
Endpoints reporting into your fleet. Select a row for components, evaluations, and recent telemetry.
| Host | OS | Version | Status | Health | Last seen | Alerts |
|---|
File integrity
Changes to watched files across the fleet — modifications, replacements, and deletions of system and critical paths.
| Path | Change | Class | Endpoint | Hash | Observed |
|---|
Anomalies
Hidden artifacts and masquerades surfaced by runtime heuristics — hidden executables, world-writable scripts, kernel-thread impersonation.
| Path | Kind | Score | Reason | Endpoint | Observed |
|---|
Access management
Manage teammates, roles, and access. SSO onboarding via SAML + SCIM is available when configured.
| Name | Auth | Role | Status | Joined |
|---|
| Role | Type | Members | Description |
|---|
Audit log
Every action, tamper-evident and verifiable end to end with a SHA-256 hash chain.
| Time | Actor | Action | Target | Outcome |
|---|
Detection rules
What raises an alert. Every org starts with high-signal defaults — tune or add your own.
| Name | On event | Severity | Enabled |
|---|
Alert destinations
Webhooks fired when an alert is raised. Signed with HMAC-SHA256 when a secret is set.
| URL | Min severity | Signed | Enabled |
|---|
Feature flags
Per-org entitlements and runtime toggles. Deny-by-default — an unset flag is off.
| Key | Value | Enabled |
|---|
Muted findings
Suppressions silence known-benign matches. Mute from an alert's detail panel; remove here to un-mute.
| Reason | Match | Rule | Expires |
|---|