The Product Suite
Scan
60-second security audit with 10 scanners. Produces a risk score (0—100), severity-graded
findings, optional PDF reports, and compliance reports (ISO 27001, SOC 2, TCSA).
Guard
24/7 real-time monitoring powered by a 4-agent DARE pipeline (Detect, Analyze, Respond, Report).
10 monitor types, event correlation, automated threat response, and built-in notifications via
Telegram, Slack, Email, and Webhook.
MCP Server
Model Context Protocol server exposing 11 Panguard tools to AI assistants like Claude Desktop
and Cursor.
Threat Cloud
Collective threat intelligence platform. Every Guard instance contributes anonymized threat
data, and every instance benefits from the community’s detections.
How the Products Work Together
The products are designed to complement each other in a layered defense strategy:| Workflow | Products Involved | Description |
|---|---|---|
| Assess and Protect | Scan + Guard | Run a one-time scan to establish your baseline, then enable Guard for continuous monitoring. |
| Detect and Notify | Guard | Guard detects threats in real time and delivers plain-language notifications to your preferred channel (Telegram, Slack, Email, Webhook). |
| Comply and Report | Scan | Scan findings map directly to compliance controls. Generate audit-ready PDF reports with panguard scan --output report.pdf. |
| Scale and Centralize | Guard + Threat Cloud | Deploy Guard agents across your fleet and correlate threats globally via Threat Cloud. |
| AI Copilot | MCP + Scan + Guard | Use natural language in Claude or Cursor to run scans, check status, and block IPs via the MCP server. |
Architecture at a Glance
Panguard is built as a 13-package TypeScript monorepo managed by pnpm workspaces. All packages share a common@panguard-ai/core foundation that provides the rule engine, monitor engine, AI provider abstraction, i18n, and structured logging.
| Layer | Components | Responsibility |
|---|---|---|
| Endpoint | Guard, Scan | Local detection, scanning, and notifications |
| Management | Guard | Endpoint protection and local fleet coordination |
| Intelligence | Threat Cloud | Collective IoC sharing |
| Integration | MCP | AI assistant integration |
Each product can run independently. You do not need to deploy the full suite. Start with
panguard scan and add products as your needs grow.