Capabilities
Everything Palisade does
A pull-only agent, a signed and version-aware detection catalog, and a multi-tenant control plane that scores posture, alerts, and triages findings. The full capability set, grouped by what it protects.
Detection
Signed detection catalog
An Ed25519 signature covers a canonical manifest. The agent rebuilds the manifest and verifies it against a pinned public key before running any detection, and fails closed on mismatch. This gives integrity over an untrusted channel.
Version-aware matching
Detections target assets by service and version range, for example <1.40.2 or >=11.1.4 <15.2.3. Unknown versions fail open so a vulnerability is never silently skipped.
Pluggable detection engines
YAML HTTP and flow detections run alongside a compiled module engine backed by a spec_ref registry in the agent. The first module covers the Next.js middleware bypass, CVE-2025-29927.
Trust & isolation
Pull-only Go agent
Written in Go 1.22 with the standard library only. It enrolls once, discovers listening services on-host, and runs detections locally. No inbound ports, and nothing is pushed to the host.
Agent mTLS
Enrollment issues a client certificate from an internal CA, verified at a TLS-terminating proxy. A bearer agent_secret is the plaintext-demo fallback.
Encrypted evidence at rest
Per-org AES-256-GCM under a per-org wrapped data key. Only normalized findings leave the host in the first place.
Multi-tenancy + RBAC
Users, orgs, and session auth with owner/admin/member/viewer roles, and Postgres row-level security scoped per org_id. A SECURITY DEFINER path keeps the cross-tenant catalog aggregate correct under RLS.
Operations
Posture scoring + 30-day trends
Posture is scored over time with real historical trends, not synthetic data.
Alerting
Channels (telegram, email, webhook) and rules combining min_severity and on_events (new or regressed) routed to a channel. Alert history is kept, channel secrets are redacted on read, and per-rule quiet hours defer delivery.
AI triage + drafting
With an ANTHROPIC_API_KEY, new findings are scored in the background off the request path with a priority, score, and rationale. New detections can be drafted from a CVE advisory URL, reviewed, and accepted, which bumps the catalog version. It no-ops without a key.
Durable queue
An Arq and Redis worker handles triage and alert delivery, with an in-process BackgroundTasks fallback when REDIS_URL is unset.
Architecture & stack
Four components, one repo
| Component | Path | Stack |
|---|---|---|
| Control plane | control-plane/ | FastAPI + SQLAlchemy + Alembic (sqlite default, Postgres in compose) |
| Agent | agent/ | Go 1.22, stdlib-only |
| Web UI | web/ | React + TypeScript + Vite + Tailwind |
| Detections | detections/ | YAML validated against a JSON schema |
Proof of concept
Honest about scope
Palisade is an open proof-of-concept built on Kenneth Lacroix's brand infrastructure. The capabilities above are implemented in the repository; the production operations layer — live deploy, status page, dashboards, and runbooks — is still being built.