ARCA.VISION
// ABOUT — THE THESIS

Userspace
observability is a
liability.

Every AI security tool you've heard of runs in the same address space as the agent it's supposed to govern. We don't. We sit beneath it.

// THESIS
Every AI agent runs on a GPU. Every GPU is driven by a kernel. The kernel is the only place an observer cannot be lied to.

Arca.Vision is the next decade of AI security: a patent-pending, host-native interception layer that sits below the agent in the host kernel — non-invasive, microsecond-grained, and deployed by our engineering team onto your hosts.
// PHASES — THE ENGINE

Four phases.
One kernel hook.

PHASE 1
The Nvidia Hook
Aya uprobe attached to libcuda.so:cudaLaunchKernel plus an eBPF ring buffer streaming launch events to the Rust agent. Minimum viable interception. Kernel-side. Non-invasive.
PHASE 2
The Zombie Sentry
Sliding window per (pid, fn_ptr, dims) flags hung agents and runaway loops in real time. SIGKILL on policy. ROI lands fast — wasted GPU-hours stop billing.
PHASE 3
The Exfiltration Gate
syscalls:sys_enter_ioctl tracepoint feeding a two-stage exfil pipeline: kernel-side heuristic into an on-host Phi-3 SLM that scores intent. No data leaves the host. Ever.
PHASE 4
The Pane
Turn-key Grafana dashboard backed by a loopback Prometheus exporter. We provision it. You see it. Your auditors see it.
NEXT
Fleet Console
Cross-host aggregation, signed evidence bundles, exporters for Splunk · Datadog · Loki · OTel. In design with our enterprise customers.
// IP & ARCHITECTURE

Patent-pending.
Architecture under NDA.

Arca.Vision is a proprietary, patent-pending governance layer covering the kernel-side interception pattern, the on-host SLM gate, and the integration tooling our team uses to deploy it onto customer hosts. We do not ship source. Architectural deep-dives, design rationale, and security review packets are available under NDA.

// HOW WE SHIP

We deploy.
You don’t install.

Arca.Vision is a white-glove product. Our engineering team attaches the Sentry into your hosts — bare metal, AWS EC2, GCP Vertex, or private cloud — tunes the eBPF attach for your kernel build, and stays on call. There is no SDK to integrate. No Helm chart to run. No agent to patch.

// WHO WE SHIP TO

Regulated AI
at scale

Healthcare. Financial services. Robotics. Sovereign AI. The fleets where userspace observability is a liability and the evidence chain has to come from below the agent. If that is you, talk to us.