Current support target: latest main branch and newest tagged release.
Please do not open public issues for suspected vulnerabilities.
Preferred process:
- Email lpcisystems@gmail.com (or use a private GitHub Security Advisory, if enabled).
- Include reproduction steps, expected impact, and any known mitigation.
- You should receive acknowledgment as soon as possible.
Before production use:
- Start in audit-first mode and validate policy against real workloads.
- Prefer
--agent-pidover process-name matching. - Keep scope allowlists narrow and explicit.
- Store logs on protected storage and define rotation/retention.
- Pair with inbound protections (for example, Little Canary) for layered defense.