: Host Defender architecture
Table of Contents

Host Defender architecture

Because we’ve built Prisma Cloud expressly for cloud native stacks, the architecture of our agent (what we call Defender) is quite different. Rather than having to install a kernel module, or modify the host OS at all, Defender instead runs as a systemd or system module (not a kernel module) in user space, intercepting every syscall interaction and file changes, and actively blocking or alerting according to the rules defined in Console.

Recommended For You