Origin Story

Why We Built Inner Warden

April 24, 2026 · 5 min read

The quote that started this

We were running a small SaaS on a single VPS. After a brute-force wave one weekend we did what most people do: ask an MDR vendor for a quote. The number came back at roughly $30,000 per year with a one-year minimum, plus a per-endpoint uplift if we ever added a second server.

Two days later a different vendor told us politely that they do not sell to single-person companies because the support overhead is not worth it. That was the moment we stopped looking for a vendor and started writing code.

Open source is great, but you still have to wire it

The OSS toolbox for Linux endpoint security is genuinely good. fail2ban, Wazuh, Suricata, osquery, and Falco each solve a real problem. Stitched together they cover most of what an EDR does.

The honest part nobody tells you: stitching them is a job. You need a person who knows eBPF kernel hooks, Sigma rules, OSSEC decoders, and the right way to turn a Suricata alert into a firewall action without locking yourself out at 3am. That person costs more per year than the MDR did.

Solo operators and three-person startups do not have that person. They have a founder who wants to ship features and a calendar full of customer calls.

Detection without action is a tax on your sleep

Most security tools are still organized around the assumption that a human will read the alert. That made sense when the endpoint count was 50,000 and the SOC had 12 analysts. It does not make sense when the endpoint count is 1 and the SOC is you, from a phone, in a different timezone, after a customer call.

We wanted detection that defaults to acting. Block the IP on a brute force. Quarantine the binary on a kernel-module load that does not match the package manager. Page only when something is actually wrong and the autonomous response did not handle it.

What we ended up building

Inner Warden is a single Rust binary you install with one curl. It runs an eBPF sensor with 40 kernel hooks, an agent that does AI triage on every detection, and a dashboard that fits on a phone screen. 49 detectors, 65 MITRE technique IDs, 40 correlation rules, all in roughly 20MB of binary.

The AI triage runs locally with qwen2.5:3b by default, so you do not pay an API fee per event and your incident data never leaves the host. The detection rules are open source and live next to the code that implements them.

Trade-offs we accept on purpose

We are not pretending Inner Warden replaces a 24/7 SOC for a regulated bank. It does not. A real SOC has threat hunters who read raw telemetry, write custom rules, and maintain a relationship with your compliance auditor. We replace the part of that job that should not have been a job: the part where a human wakes up at 4am to block an IP that any reasonable rule engine could block on its own.

We also accept that an autonomous tool will sometimes act when it should not. So every action is dry-runnable, every block has a TTL, and every decision is in an append-only audit log signed by the agent. If we are wrong, you can see exactly why and roll it back.
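The two halves described above, detection that defaults to acting and the dry-run, TTL and signed append-only audit log that make that acceptable, as an added illustration that is not Inner Warden's own code: a brute-force detector over constructed sshd lines feeds a block action, and every decision lands in an HMAC-chained log whose verify() fails if anything is edited after the fact. The sample lines, the agent key, the threshold and the class and function names are all assumptions for this demo.

```python
import hashlib
import hmac
import json
import re
from collections import Counter

FAIL_RE = re.compile(r"Failed password for .* from (\d+\.\d+\.\d+\.\d+)")
# Constructed sshd-style lines for the demo (203.0.113.0/24 and 198.51.100.0/24 are documentation ranges).
SAMPLE_LOG = [
    "Failed password for root from 203.0.113.7 port 51122 ssh2",
    "Failed password for admin from 203.0.113.7 port 51123 ssh2",
    "Accepted publickey for deploy from 198.51.100.2 port 40000 ssh2",
    "Failed password for root from 203.0.113.7 port 51124 ssh2",
]

def brute_force_sources(lines, threshold=3):  # detection half: IPs with >= threshold failed logins
    hits = Counter(m.group(1) for line in lines if (m := FAIL_RE.search(line)))
    return sorted(ip for ip, n in hits.items() if n >= threshold)

class AuditLog:
    """Append-only log: every entry names the previous entry's MAC and is HMAC-signed with the agent key."""
    def __init__(self, key):
        self.key, self.entries = key, []
    def _mac(self, body):
        return hmac.new(self.key, body.encode(), hashlib.sha256).hexdigest()
    def append(self, event):
        prev = self.entries[-1]["mac"] if self.entries else "0" * 64
        body = json.dumps({"prev": prev, **event}, sort_keys=True)
        self.entries.append({"body": body, "mac": self._mac(body)})
    def verify(self):  # False if any entry was edited, dropped or reordered after the fact
        prev = "0" * 64
        for e in self.entries:
            if json.loads(e["body"])["prev"] != prev or not hmac.compare_digest(self._mac(e["body"]), e["mac"]):
                return False
            prev = e["mac"]
        return True

class Responder:
    """Action half: block with dry-run, TTL expiry and rollback; each decision is logged before it is applied."""
    def __init__(self, log, dry_run=True):
        self.log, self.dry_run, self.blocks = log, dry_run, {}
    def block(self, ip, reason, now, ttl=3600):
        self.log.append({"action": "block", "ip": ip, "reason": reason, "dry_run": self.dry_run, "expires": now + ttl})
        if not self.dry_run:
            self.blocks[ip] = now + ttl  # a real agent would install a firewall rule here
    def unblock(self, ip, reason, now):  # operator rollback, or automatic TTL expiry via expire()
        self.log.append({"action": "unblock", "ip": ip, "reason": reason, "at": now})
        return self.blocks.pop(ip, None) is not None
    def expire(self, now):
        return [ip for ip in list(self.blocks) if self.blocks[ip] <= now and self.unblock(ip, "ttl", now)]
```

Running the same detection with dry_run=True writes the audit entry but leaves the block table empty, which is the mode you would start in before trusting the responder to act.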

Why open source, and why free for solo

Endpoint defense is not a feature. It is a baseline. Locking it behind a $30k contract means most of the internet runs naked. That is bad for everyone, including the companies who do pay for an MDR, because the unprotected hosts are where botnets come from.

Inner Warden is Apache-2.0. The single-host install is free forever. We charge for the things that actually cost us money at scale: multi-host orchestration, hosted dashboards, and support contracts for teams that need them. If you are one person with one VPS, you should not be paying us anything.

What this blog is going to be

We are going to write about what we are actually doing, not what we wish we were doing. Honest results from MITRE Caldera validation. Why false positives are a product problem and not a model problem. The architecture trade-offs nobody else writes up.

If we ever start sounding like an enterprise security vendor, tell us. That is not what this is.