Comparison

Gaussian vs. Existing Tools

How the AI agent firewall compares to EDR, SAST, prompt guardrails, and macOS Sandbox.

The core difference

Your EDR blocks malicious processes.
Gaussian knows which ones were AI-initiated.

Modern EDR/XDR platforms block known-bad process chains and correlate threat signals. Gaussian adds what they can't: agent identity. It classifies whether execution was AI-initiated or human-initiated, and applies different policy based on that distinction.

Capability comparison

YesPartialNo

Knows the actor is AI

EDR / XDR
SAST
Prompt Guards
macOS Sandbox
Gaussian

Code-signing identity verification per-process

Blocks runtime actions

EDR / XDR
SAST
Prompt Guards
macOS Sandbox
Gaussian

Sync AUTH on exec, file open, and network

Correlates multi-step chains

EDR / XDR
SAST
Prompt Guards
macOS Sandbox
Gaussian

Causal graph with DAG traversal + BFS

Applies different AI vs. human policy

EDR / XDR
SAST
Prompt Guards
macOS Sandbox
Gaussian

Parent-chain signing-ID classification

Governs MCP tool calls

EDR / XDR
SAST
Prompt Guards
macOS Sandbox
Gaussian

Classifies MCP runtimes by process lineage

Supply chain install gate

EDR / XDR
SAST
Prompt Guards
macOS Sandbox
Gaussian

AUTH_EXEC intercept + postinstall evaluation

Behavioral detection rules

EDR / XDR
SAST
Prompt Guards
macOS Sandbox
Gaussian

25 production rules across 6 tiers, IR-compiled

macOS native (no KEXT)

EDR / XDR
SAST
Prompt Guards
macOS Sandbox
Gaussian

ES + NE + DNS Proxy system extensions

Real-time classification

Gaussian Dashboard · Agent Classification
Gaussian dashboard showing AI Agents, Execution Engines, Developer Environments, Interaction Surfaces, and Utility Tooling classification columns

253 agents classified in real time — AI Agents, Execution Engines, Developer Environments, Interaction Surfaces, Utility Tooling

How Gaussian sees execution

What EDR sees

PID 4821
node ← normal process
PID 4821
open ~/.aws/credentials ← allowed
PID 4821
connect api.evil.io:443 ← allowed

Same policy whether human or AI spawned this process.
No agent context. No causal chain.

What Gaussian sees

AUTH
Cursor → node mcp-server.js agent: aiClient
FILE
open ~/.aws/credentials → readSensitiveFile
NET
connect api.evil.io:443 → networkConnectExternal
QuarantineRule: secret_read_to_external_network_chain

Causal graph detected: AI agent read credentials → connected external. Quarantine + VerdictCache flush.

Enforcement flow

1

Cursor spawns

node mcp-server.js
2

Gaussian classifies

agent: aiClient → mcpRuntime
3

node reads

~/.aws/credentials
4

node curls

external-api.io
5

Gaussian verdict

QUARANTINE — secret→egress chain

Fits your stack

EDR co-existence

Apple's multi-client ES API. Runs alongside CrowdStrike, SentinelOne, Defender.

SIEM output

Splunk HEC, Datadog API, syslog. Native integration, not just webhooks.

MDM deployment

PKG + config profiles. Jamf, Kandji, Mosyle — standard fleet tools.

MITRE ATT&CK

Every behavioral rule maps to ATT&CK technique IDs.

Honest gaps

macOS only

Gaussian uses Apple's ES + NE APIs. Windows and Linux are on the roadmap but not shipped.

Behavioral detection is async

Sync enforcement blocks the first gate. Behavioral rules catch the next action in the chain, not always the first.

Early stage

Gaussian is in active development with design partners. Enterprise features are shipping, not all GA.

Running AI agents on Mac at scale? We'll tune policy with you.

Design partners →