01 ENFORCE
Policy enforcement
augur_gate
What agents can call, how, and under what conditions — decided before execution.
// agentic_security_infrastructure
Enforcement, observation,
and audit for the
agentic SOC.
AI agents are running in the security operations center. Periheliax governs what they do — and proves it, action by action.
$ periheliax connect --soc_
14:22:01 INTERPRET triage-01 · INC-4471 · false positive — benign RMM tool · conf 0.91
14:22:02 ACTION triage-01 · INC-4471 · close_case → allowed
14:22:05 INTERPRET triage-02 · INC-4473 · lateral movement · T1021 · conf 0.74
14:22:06 ACTION triage-02 · INC-4473 · isolate_host → denied · prod-needs-approval
14:22:09 REVIEW reviewer · INC-4470 · overrode triage-05 — missed persistence T1547
14:22:12 SEAL INC-4471 · interpretation + action sealed · seq 88213 · sha 9f2a…
Illustrative — every agent decision, its evidence, and its disposition, sealed in sequence.
02 OBSERVE
Real-time observation
argus
Every agent action seen with full context, before it reaches the tool.
03 AUDIT
Immutable audit
auspice
A dual stream of interpretations and actions, sequenced and archived for review.