AI coding assistants execute arbitrary code on Windows workstations with almost no oversight. AI Trace provides security teams with deep, kernel-level runtime visibility into every process, file write, network call, and registry modification.
AI coding agents spawn processes, write files, make network connections, and modify system state. Traditional endpoint security tools weren't built to attribute these actions back to the agent that initiated them.
Agents spawn PowerShell, cmd, and other interpreters to run generated code. These child processes inherit user-level privileges with no audit trail linking them back to the agent session.
Nothing stops an agent from reading SSH keys, cloud credentials, auth tokens, environment variables, or any file the user has access to. Standard EDR won't flag it because the user account is authorized.
Agent-spawned processes can make outbound HTTP requests, resolve arbitrary DNS, and establish connections to external endpoints. There is no built-in mechanism to restrict or even log this behavior.
Agents can write to the registry, create scheduled tasks, modify startup items, and alter system configuration. These changes persist long after the agent session ends.
Agent-generated code runs immediately on the workstation. Dependencies are fetched and installed without review. Build scripts execute in full user context with no sandboxing.
When an agent spawns a child process that spawns another child, the origin is lost. Security teams can't tell if powershell.exe was launched by a human or by an AI agent three levels up the process tree.
Built on ETW (Event Tracing for Windows) at the kernel level. No userland hooks to bypass. No API interception. High-fidelity event streams straight from the OS kernel, correlated and attributed to the originating AI agent.
Direct ETW consumer sessions capturing process, file, registry, network, and image load events from kernel providers. Tamper-resistant by design. No injection, no hooks, no blind spots.
Automatic identification and full tree-walking of AI agent process hierarchies. Every child process, grandchild, and ephemeral shell is tracked and attributed back to the originating agent session and PID.
Captures outbound TCP/UDP connections, DNS resolutions, and TLS handshake metadata from agent process trees. Full visibility into which endpoints agent-spawned processes communicate with, including SNI and certificate details.
Real-time tracking of file create, write, delete, rename, and read operations. Configurable alert policies on access to sensitive paths: SSH keys, credential stores, cloud config, environment files, and certificates.
Monitors all registry reads and writes from agent process trees. Detects persistence mechanisms (Run keys, scheduled tasks), configuration changes, security policy modifications, and COM object registration.
Logs every DLL, driver, and executable image loaded by agent processes. Detects DLL sideloading, unsigned module loads, and unexpected runtime dependencies introduced by agent-generated code.
Full command-line argument logging for every process in the agent tree, including encoded PowerShell commands, script arguments, compiler flags, and package manager invocations. Decoded and normalized for analysis.
Structured JSON event output with consistent field mappings for direct ingestion into Splunk, Microsoft Sentinel, Elastic, CrowdStrike LogScale, or any SIEM. Pre-built correlation rules and detection templates included.
Define rules for what triggers alerts: sensitive file access, network connections to unexpected destinations, registry persistence writes, unsigned image loads, or any combination. Tunable per agent type and workstation group.
AI Trace operates as a lightweight Windows service that consumes kernel ETW events in real time, correlates them against known AI agent process signatures, and emits structured telemetry.
Identifies running AI coding agents by process name, path, and behavioral signature. Maintains a live registry of active agent sessions and their root PIDs.
Kernel-level ETW sessions capture process, file, registry, network, and image load events in real time. Filtered to agent process trees with minimal overhead.
Events are enriched with agent session context, process tree depth, and parent attribution. Related events grouped into coherent agent action sequences.
Each event evaluated against configurable alert policies. Sensitive file access, unexpected network destinations, and persistence mechanisms trigger real-time alerts.
Structured JSON events emitted to local log, forwarded to SIEM, or pushed via webhook. Full provenance chain from kernel event to agent session preserved.
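The five stages above (agent identification, ETW capture, enrichment, policy evaluation, JSON emission), as an added example that is not AI Trace's code: a Python model of the enrichment, policy and output stages run over a constructed event stream that stands in for already-decoded kernel ETW events. The agent image name `ai-agent.exe`, the sensitive-path and Run-key patterns, the PIDs, paths and command lines are all assumptions made for the example. It shows why attribution is recorded at process start rather than by walking live parents: the intermediate cmd.exe exits before its child reads a credential file, and the read is still tied back to the agent root, while the same read from a human-launched PowerShell is filtered out. It also decodes a `-EncodedCommand` argument (base64 of UTF-16LE) so the policy sees the real script text.

```python
"""Constructed example of agent-tree attribution and alert policy evaluation."""
import base64
import json
import re

# Hypothetical agent signature (assumption): image names that mark an agent session root.
AGENT_IMAGES = {"ai-agent.exe"}

# Hypothetical alert policy (assumption). Patterns run against the lower-cased path or key.
SENSITIVE_FILE_PATTERNS = [r"\\\.ssh\\", r"\\\.aws\\credentials$", r"\\\.azure\\", r"\\\.env$"]
PERSISTENCE_KEY_PATTERNS = [r"\\currentversion\\run\\", r"\\currentversion\\runonce\\"]


def decode_encoded_command(cmdline):
    """Decode a PowerShell -EncodedCommand payload (base64 of UTF-16LE); None if absent."""
    m = re.search(r"-(?:e|ec|enc|encodedcommand)\s+([A-Za-z0-9+/=]+)", cmdline, re.IGNORECASE)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


class AgentTracker:
    """Live process table; each PID is attributed to an agent root when it starts."""

    def __init__(self):
        self.procs = {}  # pid -> {"image", "ppid", "root", "agent_image", "depth"}

    def start(self, pid, ppid, image):
        image = image.lower()
        parent = self.procs.get(ppid)
        if image in AGENT_IMAGES:
            rec = {"image": image, "ppid": ppid, "root": pid, "agent_image": image, "depth": 0}
        elif parent and parent["root"] is not None:
            # Copy the parent's attribution now, so it survives the parent exiting
            # (an ephemeral shell) or its PID being reused later.
            rec = {"image": image, "ppid": ppid, "root": parent["root"],
                   "agent_image": parent["agent_image"], "depth": parent["depth"] + 1}
        else:
            rec = {"image": image, "ppid": ppid, "root": None, "agent_image": None, "depth": None}
        self.procs[pid] = rec

    def exit(self, pid):
        self.procs.pop(pid, None)

    def attribution(self, pid):
        rec = self.procs.get(pid)
        if not rec or rec["root"] is None:
            return None
        return {"image": rec["image"], "agent_root_pid": rec["root"],
                "agent_image": rec["agent_image"], "tree_depth": rec["depth"]}


def evaluate(ev, tracker):
    """Enrich one event with agent context and policy alerts; None if not in an agent tree."""
    attrib = tracker.attribution(ev["pid"])
    if attrib is None:
        return None  # filtered out: not attributed to any agent session
    rec = {"type": ev["type"], "pid": ev["pid"], **attrib, "alerts": []}
    if ev["type"] == "ProcessStart":
        rec["cmdline"] = ev.get("cmdline", "")
        decoded = decode_encoded_command(rec["cmdline"])
        if decoded is not None:
            rec["decoded_command"] = decoded
            rec["alerts"].append("encoded_powershell")
    elif ev["type"] in ("FileRead", "FileWrite"):
        rec["path"] = ev["path"]
        if any(re.search(p, ev["path"].lower()) for p in SENSITIVE_FILE_PATTERNS):
            rec["alerts"].append("sensitive_file_access")
    elif ev["type"] == "RegistrySetValue":
        rec["key"] = ev["key"]
        if any(re.search(p, ev["key"].lower()) for p in PERSISTENCE_KEY_PATTERNS):
            rec["alerts"].append("registry_persistence")
    return rec


def process_events(events):
    """Run the tracker over an ordered event stream; return enriched agent-tree records."""
    tracker = AgentTracker()
    out = []
    for ev in events:
        if ev["type"] == "ProcessStart":
            tracker.start(ev["pid"], ev["ppid"], ev["image"])
        rec = evaluate(ev, tracker)
        if rec is not None:
            out.append(rec)
        if ev["type"] == "ProcessExit":
            tracker.exit(ev["pid"])  # attribute the exit itself first, then drop the PID
    return out


def to_jsonl(records):
    """One JSON object per line, ready for a SIEM forwarder."""
    return "\n".join(json.dumps(r, sort_keys=True) for r in records)


# Constructed sample stream (assumption): an agent spawns cmd.exe, which spawns an
# encoded PowerShell command, then exits before the child touches the credential file.
ENCODED = base64.b64encode("Get-Content $env:USERPROFILE\\.aws\\credentials".encode("utf-16-le")).decode()
SAMPLE_EVENTS = [
    {"type": "ProcessStart", "pid": 100, "ppid": 1, "image": "explorer.exe"},
    {"type": "ProcessStart", "pid": 200, "ppid": 100, "image": "ai-agent.exe"},
    {"type": "ProcessStart", "pid": 300, "ppid": 200, "image": "cmd.exe"},
    {"type": "ProcessStart", "pid": 400, "ppid": 300, "image": "powershell.exe",
     "cmdline": f"powershell.exe -NoProfile -EncodedCommand {ENCODED}"},
    {"type": "ProcessExit", "pid": 300},
    {"type": "FileRead", "pid": 400, "path": r"C:\Users\dev\.aws\credentials"},
    {"type": "RegistrySetValue", "pid": 400,
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater"},
    {"type": "ProcessStart", "pid": 500, "ppid": 100, "image": "powershell.exe"},
    {"type": "FileRead", "pid": 500, "path": r"C:\Users\dev\.aws\credentials"},  # human-launched
]

if __name__ == "__main__":
    print(to_jsonl(process_events(SAMPLE_EVENTS)))
```

The design point is the tracker: attribution and tree depth are stamped on each process from its parent's record at ProcessStart time, so the provenance chain does not depend on the parent still being alive when a later file or registry event arrives. A real consumer would feed `process_events` from the kernel ETW process, file and registry providers in arrival order and forward `to_jsonl` output to the SIEM.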
AI Trace captures granular telemetry across the full scope of what an AI coding agent can do on a Windows workstation. Every event is attributed to the originating agent session.
AI Trace detects and monitors all major AI coding agents on Windows. New agent signatures are added continuously as the ecosystem evolves.
AI Trace is in private early access. If your organization uses AI coding agents on Windows workstations and needs endpoint-level visibility into their runtime behavior, get in touch.