Architectural deep dives from the work behind Synapse, Synapse Fleet, and Atlas Crew Security. Written for engineers who want to know how things actually work, not just what features exist.
The coordination plane for a Synapse deployment, and how it does collective defense across tenants without ever centralizing a payload. Anonymized SHA-256 fingerprints, an 8-factor campaign correlator, ~50ms fleet-wide pushes, self-host including air-gapped deployments, and sensor resilience that never silently fails open.
How Synapse makes every edge location a complete detection engine. Twelve inline capabilities in a single 25MB binary, no cloud round-trip, no background loop, and a command plane that's genuinely optional. The thesis article for the rest of the writing on this site.
How Synapse scans 22 sensitive-data patterns sub-millisecond on multi-megabyte bodies, with zero false positives, and still finds time to catch the outbound leaks. Aho-Corasick, zero-allocation validators, a soft 8KB cap, and parallel execution with upstream I/O.