Diogenesis monitors what your AI does at runtime and detects when behavior deviates from baseline. Zero dependencies. Pure Python. One command.
Behavioral threat detection that catches what firewalls and antivirus miss.
Built-in AI alignment with a 7-layer governance pipeline.
Xenobot security agents — always patrolling
The Problem
Traditional security was built for humans clicking buttons, not AI agents making thousands of decisions per second.
Blind spot
Block known threats at the network edge. Can't detect when your AI agent decides to escalate its own permissions or access resources outside its intended scope.
Blind spot
Signature-based detection matches known malware. An AI agent acting outside its intended scope isn't malware — it's emergent behavior with no signature to match.
Blind spot
Tracks CPU, memory, and uptime. Tells you nothing about what your AI is actually doing — which modules it imports, what files it writes, or what connections it makes.
Diogenesis detects novel threats that signature-based security tools miss — because it monitors behavior, not databases. When malware, hackers, or rogue AI agents act in ways your system has never seen before, Diogenesis catches it.
How It Works
Diogenesis sits inside your application, observes every action, and reacts when behavior deviates from baseline.
Architecture
Inspired by biological immune systems — each component mirrors a defense mechanism found in living organisms.
Capture every import, file write, subprocess, and network connection at runtime. Nothing leaves your application unobserved.
4 event classesClassify behavioral patterns — exfiltration, privilege escalation, shadow imports — with graduated response levels from LOG to ALERT.
5 threat patternsTrack per-module behavioral coherence over time, like bioelectric fields in living tissue. Detect drift before it becomes a threat.
real-time coherenceTime system heartbeats at PHI-ratio intervals — 3, 5, 8, 13, 21 cycles. Detect resonance patterns between subsystems that periodic checks miss.
PHI-ratio intervalsAutonomous investigative agents that patrol your system, detect anomalies, and share learning across the swarm — like white blood cells.
swarm intelligenceAgents
Deploy intelligent agents that patrol, detect, investigate, and respond — 24/7, without human intervention.
Monitors websites for structural changes, price updates, navigation shifts, and content modifications. Detects when competitors change pricing, add products, or restructure their site. Cross-site correlation spots industry-wide trends when multiple sites change simultaneously.
Available NowLives inside your AI application. Patrols every import, file write, network connection, and subprocess. Investigates anomalies through a 5-phase cycle: Observe, Question, Hypothesize, Test, Judge. Shares learning across the swarm so all agents get smarter together.
Core FeatureThe Diogenesis SDK provides the XenobotAgent base class. Define a patrol pattern, a detection rule, and a response action. Your agent inherits investigation, learning, prediction, and swarm coordination automatically. 50 lines of code to create an agent that thinks.
SDKGovernance
Diogenesis doesn't just monitor your AI. It governs it. Every action is evaluated through a 7-layer safety pipeline.
Semantic pattern matching against 24 frozen axioms — immutable safety rules that cannot be modified at runtime.
Structural analysis of code patterns. Catches unsafe constructs before they execute.
Multi-stage evaluation pipeline that scores actions against policy constraints.
Meta-monitor that verifies the verifiers — ensures the safety pipeline itself hasn't been compromised.
Canary integrity checks that detect attempts to circumvent or manipulate the governance system.
Immutable hash-linked log of every governance decision. Tamper-proof and permanent.
Interaction-level governance — every user-facing response passes through final safety validation.
Capabilities
Quick Start
Install. Import. Monitor. Diogenesis starts protecting your application immediately.
from diogenesis import start_monitoring # Start behavioral monitoring with one call monitor = start_monitoring() # Your AI application runs normally # Diogenesis watches every import, file write, # network connection, and subprocess in the background # Check what's been observed report = monitor.get_report() print(report.summary)
from diogenesis import get_voltage_field # Get real-time behavioral coherence data field = get_voltage_field() # Check per-module health scores for module, voltage in field.modules.items(): if voltage.coherence < 0.7: print(f"⚠ {module}: coherence={voltage.coherence}") else: print(f"✓ {module}: stable at {voltage.coherence}")
from diogenesis import PolicyEngine # The policy engine detects 5 behavioral threat patterns: # - Data exfiltration (unexpected outbound connections) # - Privilege escalation (unauthorized permission changes) # - Shadow imports (loading modules outside baseline) # - Resource abuse (excessive file/network activity) # - Behavioral drift (gradual deviation from baseline) engine = PolicyEngine() engine.on_threat("exfiltration", severity="ALERT", callback=lambda e: print(f"🚨 Exfiltration detected: {e}") )
from diogenesis import XenobotSwarm # Deploy autonomous investigative agents swarm = XenobotSwarm(agents=5) swarm.deploy() # Agents patrol, detect anomalies, and share learning # Like white blood cells in a biological immune system # Query swarm intelligence threats = swarm.get_consensus_threats() for threat in threats: print(f"[{threat.confidence:.0%}] {threat.description}")
Features
Pricing
The core SDK is free and open source forever. Paid tiers add advanced capabilities for teams that need them.
Everything you need to start monitoring AI behavior at runtime.
Core features plus autonomous investigation and advanced timing.
For teams that need custom topology, dedicated support, and on-premise deployment.
Built on Real Research
Extracted from Prometheus Prime, a self-improving AI system running 24/7 since February 2025.
FAQ
Diogenesis intercepts four categories of runtime behavior: module imports (what code your AI loads), file system writes (what data it creates or modifies), network connections (where it communicates), and subprocess execution (what external programs it launches). Every event is logged, classified, and compared against a behavioral baseline.
Diogenesis is designed for minimal overhead. Interceptors use Python's built-in hooking mechanisms and add negligible latency to individual operations. The Voltage Field and Policy Engine run asynchronously. For most applications, the performance impact is unmeasurable.
A firewall sits at the network boundary and blocks known bad traffic. Diogenesis sits inside your application and monitors behavior. It detects when your AI does something unexpected — like importing a module it's never used before or writing to a directory outside its scope — regardless of whether a firewall would consider that traffic suspicious.
Diogenesis supports Python 3.8 and above. It's tested against Python 3.8, 3.9, 3.10, 3.11, 3.12, and 3.13. No compilation step or C extensions required — it's pure Python.
Yes. Diogenesis uses only the Python standard library. No requests, no numpy, no third-party packages. This is a deliberate design decision — a security tool should not expand your attack surface. What you install is what you get.
Yes. Diogenesis Core is MIT-licensed and production-ready with 104 automated tests. It was extracted from Prometheus Prime, a system that has been running continuously since February 2025. Start with the free tier in staging, then deploy to production when you're confident in your baseline.
The Agents tier (Xenobot Swarm + Fibonacci Clock) is coming soon. Enterprise licensing with custom topology and dedicated support is available now — contact garry@diogenicsecurity.com for details. The Core SDK with Interceptors, Policy Engine, and Voltage Field is free and available today.
Diogenesis is built by developers for developers. If you have issues, suggestions, or ideas — we want to hear them. Every piece of feedback shapes what we build next.