Use Cases
What is it?
Jibril is a cutting-edge runtime monitoring and threat detection engine, designed to deliver real-time insights with minimal impact on system performance. Powered by eBPF, it remains efficient even under heavy event loads exceeding hundreds of thousands of events per second, delivering real-time protection for modern environments from dev to prod.
Mission
Ensure the security and integrity of your systems at runtime.
Deliver clear and actionable insights.
Insights
Deep Visibility on Root Causes
Jibril in less than 5 Minutes
Install and Configure Jibril in Less than 5 Minutes
Main Features
Detailed Security Event Information
Jibril provides comprehensive tracking across all system resources, including users, processes, files, and network connections. Its query-driven architecture ensures complete visibility and actionable intelligence into system behavior.
Context Information (OS Package Versions)
Triggerer Ancestry Visibility
FULL File Access History
Track OS Package Dependencies Versions
Detection FULL Context
On Demand CVE Warnings
Prioritized Detections with Noise Filtering
Jibril reduces noise automatically: repetitive alerts are filtered by design. Some detections are limited by the number of times they occur under the same parent process, others by the number of times they occur for the same executable path, and so on.
All Detections in One Place
Inbound and Outbound Connections Tied to Security Events
Complete View of Remote Peers Per Process
Detections are Linked With Corresponding Remote Peer
Full DNS Resolution Path per Peer and Flow
All Processes Communicating with the Same Remote Node Are Grouped
All Detections are Flagged on Each Entry (linked with Detections Feature)
Network Policy Enforcement
Block Network Connections Using Domains or IP CIDRs.
Get Bad-Reputation Domain Alerts in Real Time.