Results for secureops

SecureOps tamper-evident audit log: append-only hash chain + ed25519 signing + optional Rekor/RFC3161 anchor.

SecureOps kernel PEP: syscall/egress correlation; Linux aya CO-RE + LSM-BPF, macOS Endpoint Security fallback (PRODUCT.md B.6).

SecureOps command-line interface: audit / harden / monitor / init / kill / export-incident (PRODUCT.md B.1-B.3, B.9, Part C)

SecureOps shared core: types, Check/AuditContext traits, scoring. No I/O.

SecureOps keystore crypto: AES-GCM + Argon2id, v1-readable; OS keychain/TPM signing keys.

SecureOps Ring-2 root-of-trust daemon: wires the PDP + all PEPs (proxy/sinkhole/eBPF/sandbox) + AlertBus + signed audit log.

tokio::fs-backed AuditContext + localhost port probe for SecureOps (PRODUCT.md A.4 / B.2)

SecureOps IPC: unix-socket JSON-RPC protocol + SO_PEERCRED/LOCAL_PEERCRED peer auth.

SecureOps runtime monitors: tokio monitor loops, AlertBus, SQLite persistence, cost circuit breaker.

SecureOps N-API addon surface: plain Rust audit entrypoints the napi-derive wrappers expose to the TS shim (Ring 1).

SecureOps PDP: the single allow/deny/escalate authority (Rego/Cedar eval, hot-reload, decision cache).

SecureOps egress PEP: forward proxy + DNS sinkhole, fail-closed (PRODUCT.md B.5).