Scandar Overwatch

Enterprise fleet security for AI agents. Monitor, govern, and respond to threats across every agent in your organization — in real time.

Fleet Graph: Live topology of every agent, session, and tool call
Kill-Chain Engine: Automatic attack sequence reconstruction and scoring
Policy Engine: Org-wide rules with automated enforcement actions
Compliance Reports: EU AI Act, SOC 2, GDPR-aligned audit exports
RBAC: Role-based access for teams and auditors
Canary Tokens: Honeypot triggers to detect unauthorized tool access

Note: Overwatch is available from $999/month. Contact sales@scandar.ai or start a trial from your dashboard.

Getting Started

Overwatch is activated on your existing Scandar account. Agents connect via the scandar-guard SDK — no separate install needed.

# 1. Activate Overwatch in your dashboard (Dashboard → Overwatch → Activate)

# 2. Set your Overwatch API key
export SCANDAR_API_KEY="sk-your-key"
export SCANDAR_ORG_ID="org_abc123"

# 3. Enable fleet registration in your Guard SDK
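import os

from scandar_guard import Guard

# Read the credentials exported in step 2 instead of hardcoding them in source
guard = Guard(
    api_key=os.environ["SCANDAR_API_KEY"],
    org_id=os.environ["SCANDAR_ORG_ID"],  # enables Overwatch fleet registration
    agent_name="checkout-bot",            # identifies this agent in the fleet graph
    env="production",
)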

Once connected, the agent appears in the Fleet dashboard within seconds. All Guard findings, tool calls, and session data stream to Overwatch in real time.

Fleet Management

The Fleet view shows every registered agent in your organization, their current threat level, active sessions, and recent findings.

| Column | Description |
| --- | --- |
| Agent | Name, environment (prod/staging/dev), and SDK version |
| Status | Online / degraded / offline — heartbeat-based |
| Threat Level | Rolling 24h threat score across all sessions |
| Sessions | Active and recent session count |
| Last Finding | Timestamp and severity of most recent detection |
| Actions | View details, quarantine agent, view in graph |

Filter by environment, threat level, or agent name. Export the fleet roster as CSV for external CMDB or compliance tooling.

Policies

Policies define org-wide security rules. When a finding matches a policy condition, Overwatch automatically triggers the configured action.

# Example policy (YAML format in dashboard or API)
name: "Block critical injections"
trigger:
  severity: [critical]
  categories: [PROMPT_INJECTION, SPLIT_INJECTION]
action:
  type: block             # block | quarantine | alert | log
  notify: ["security@yourco.com"]
  webhook: "https://hooks.yourco.com/alerts"
scope:
  environments: [production]

Built-in policy templates

Zero-Tolerance Production: Block all critical/high findings in production
PII Lockdown: Block any session where PII is detected in responses
Exfil Prevention: Block + quarantine on any data exfiltration pattern
Anomaly Alerting: Alert on volume spikes and new tool introductions
Compliance Baseline: Log all findings for audit; block critical only

Alerts

Overwatch delivers real-time alerts via webhook, email, Slack, and PagerDuty. Configure alert channels per team, environment, or severity.

# Webhook payload (POST to your endpoint)
{
  "alert_id": "alt_x9k2m",
  "triggered_at": "2026-03-24T14:32:11Z",
  "agent": {
    "name": "checkout-bot",
    "env": "production",
    "org_id": "org_abc123"
  },
  "finding": {
    "severity": "critical",
    "category": "DATA_EXFILTRATION",
    "title": "Exfiltration channel detected in tool argument",
    "session_id": "sess_7f2a",
    "threat_score": 87
  },
  "action_taken": "blocked"
}

Tip: Webhook signatures use HMAC-SHA256. Verify with your SCANDAR_WEBHOOK_SECRET to prevent spoofed alerts.
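
One way a receiver can perform that verification, as an added example that is not Scandar's own code. The page does not say how the signature is delivered, so the header name X-Scandar-Signature and the hex encoding over the raw body are assumptions, and the freshness check on triggered_at is an extra replay guard added here.

```python
import hashlib
import hmac
import json
from datetime import datetime, timedelta, timezone

# Assumptions (not stated on the page): the signature is the hex HMAC-SHA256
# of the raw request body, delivered in the header named below.
SIGNATURE_HEADER = "X-Scandar-Signature"  # hypothetical header name
MAX_AGE = timedelta(minutes=5)            # added freshness window


def sign(secret: bytes, raw_body: bytes) -> str:
    """Hex HMAC-SHA256 of the body under the shared webhook secret."""
    return hmac.new(secret, raw_body, hashlib.sha256).hexdigest()


def verify_alert(secret, raw_body, headers, now=None):
    """Return the parsed alert if authentic and fresh, else raise ValueError."""
    received = headers.get(SIGNATURE_HEADER, "")
    # Verify the exact bytes received, before any JSON parsing, and compare
    # in constant time so the check leaks nothing through timing.
    if not hmac.compare_digest(sign(secret, raw_body).encode(), received.encode()):
        raise ValueError("bad signature")
    alert = json.loads(raw_body)
    sent = datetime.fromisoformat(alert["triggered_at"].replace("Z", "+00:00"))
    now = now or datetime.now(timezone.utc)
    if abs(now - sent) > MAX_AGE:
        raise ValueError("stale alert")  # limits replay of a captured delivery
    return alert


# Constructed sample delivery, modelled on the payload shown above. In a real
# receiver the secret comes from SCANDAR_WEBHOOK_SECRET in the environment.
SECRET = b"whsec_constructed_example"
BODY = json.dumps({
    "alert_id": "alt_x9k2m",
    "triggered_at": "2026-03-24T14:32:11Z",
    "finding": {"severity": "critical", "category": "DATA_EXFILTRATION"},
    "action_taken": "blocked",
}).encode()
HEADERS = {SIGNATURE_HEADER: sign(SECRET, BODY)}
NOW = datetime(2026, 3, 24, 14, 33, tzinfo=timezone.utc)

if __name__ == "__main__":
    print(verify_alert(SECRET, BODY, HEADERS, now=NOW)["alert_id"])
```

Reject the request with a 4xx on ValueError and act on the alert only after verify_alert returns.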

Compliance

Scandar assesses your fleet against US, EU, and international compliance frameworks simultaneously. Generate compliance reports aligned to major frameworks. Reports are audit-ready PDFs or JSON exports with full evidence chains.

| Framework | Coverage | Report includes |
| --- | --- | --- |
| EU AI Act | Articles 9, 10, 11, 12, 13, 14, 15 | Risk classification, data governance, logging evidence, instructions for use, incident records |
| SOC 2 Type II | CC6.1, CC6.3, CC7.1, CC7.2, CC7.3 | Security monitoring controls, access logs, anomaly reports |
| ISO 42001 | Clauses 6.1, 8.2, 9.1, 10.1 | AI management system controls, risk treatment, performance evaluation |
| NIST AI RMF | GOVERN, MAP, MEASURE, MANAGE | Risk posture summary, measurement evidence, policy audit |
| GDPR | Art. 5, 25, 30, 32, 35 | PII detection evidence, data flow mapping, breach notifications |

Custom Frameworks: Define your own compliance frameworks via the API with weighted controls and custom metrics.

Graph & Kill Chains

The Fleet Graph visualizes your entire agent ecosystem: agents, sessions, tool calls, and data flows as a live directed graph.

The Kill-Chain Engine automatically correlates findings across sessions and agents to reconstruct multi-step attack sequences. Each kill chain gets a composite severity score and a timeline view.

# Time-travel: replay the graph at any point in time
GET /api/v1/overwatch/graph?at=2026-03-24T12:00:00Z

# Kill chains for an agent
GET /api/v1/overwatch/kill-chains?agent_id=agent_abc&status=active

Note: Graph time-travel replays the full session topology at any historical timestamp. Useful for post-incident investigation and forensics.

Intelligence

The Intelligence dashboard surfaces cross-fleet threat trends, attack pattern evolution, and session anomaly clusters. Data is aggregated anonymously across the Scandar network to surface emerging attack patterns.

Threat Trends: Finding frequency by category over time
Attack Patterns: Top injection patterns seen across your fleet
Agent Risk Ranking: Agents ranked by cumulative threat score
Session Anomalies: Sessions with unusual tool-call patterns

11 Detection Layers

Overwatch aggregates signals from all 11 detection layers in the Guard SDK into a unified threat timeline per agent.

01. Pattern Matching: 140+ regex patterns for injections, PII, exfil, shell commands
02. Encoding Evasion: Base64, hex, ROT13, unicode homoglyph, and zero-width char detection
03. Multi-Turn Tracking: Split injection detection across up to 12 turns
04. Semantic Analysis: Intent scoring for obfuscated or paraphrased injections
05. Behavioral Anomaly: New tool detection, volume spikes, suspicious sequences
06. Low-and-Slow Exfil: Drip-rate source/sink correlation within a 10-minute window
07. Tool Call Inspection: Risky tool names, injection chars, encoded arguments
08. Multilingual Detection: Mixed-script and cross-turn language-switch anomalies
09. Canary Token Tracking: Honeypot trigger detection and unauthorized access alerts
10. Taint Tracking: Data flow tracking from external sources to sensitive sinks
11. Multimodal Scanning: Injection detection in images and embedded documents

Canary Tokens

Canary tokens are fake credentials, files, or tool endpoints embedded in your agent's context. Any access triggers an immediate high-confidence alert.

# Create a canary token
POST /api/v1/overwatch/canary
{
  "type": "api_key",          // api_key | file_path | tool_name | url
  "label": "billing-read-key",
  "agent_id": "agent_abc",
  "alert_on_access": true
}

# Response
{
  "token_id": "cnr_x9k2",
  "value": "sk-canary-billing-a7f2b3...",
  "inject_into": "system_prompt"
}

Embed the token value in your agent's system prompt or tool definitions. If an attacker exfiltrates it, Overwatch detects the use and fires an alert with full session context.

Honeypot Tools

Register fake tool endpoints that look legitimate but trigger an alert when called. Any agent that calls a honeypot tool is immediately flagged — legitimate agents should never call tools they're not configured to use.

# Register a honeypot tool
POST /api/v1/overwatch/honeypot
{
  "tool_name": "export_all_data",
  "description": "Appears to export org data",
  "action": "alert_and_block"
}

Taint Tracking

Taint tracking follows data from untrusted sources (web fetches, file reads, user input) through your agent to sensitive sinks (email, HTTP POST, database writes). A finding fires if tainted data reaches a sink without sanitization.

# Enable taint tracking
guard = Guard(
    api_key="sk-...",
    taint_tracking=True,
)

# Mark a source as untrusted
guard.taint_source(label="web_fetch_result", session_id=session_id)

# Mark a sink as sensitive
guard.taint_sink(label="send_email", session_id=session_id)

Incident Response

When a threat is confirmed, Overwatch provides a one-click incident workflow: contain, investigate, and remediate.

1. Detect: Overwatch fires an alert with threat score and kill chain context
2. Contain: Quarantine the agent or session with one click or via API
3. Investigate: Replay the session timeline, inspect all messages, trace the attack chain
4. Remediate: Update policies, rotate credentials, scan affected artifacts
5. Report: Export the incident report for compliance or post-mortem

Quarantine

Quarantine stops an agent from processing new messages or making tool calls while investigation is underway. Existing sessions are preserved for forensics.

# Quarantine an agent via API
POST /api/v1/overwatch/agents/{agent_id}/quarantine
{
  "reason": "Suspected compromise — active exfiltration pattern",
  "notify": ["security@yourco.com"]
}

# Release from quarantine
DELETE /api/v1/overwatch/agents/{agent_id}/quarantine

Warning: Quarantine is immediate and blocks all new Guard SDK calls for the affected agent. Ensure your application handles blocked responses gracefully.

Team & RBAC

Control who can view findings, manage policies, quarantine agents, and access audit logs.

| Role | Permissions |
| --- | --- |
| Owner | Full access including billing, org settings, and member management |
| Admin | All security operations: policies, quarantine, incidents, API keys |
| Analyst | View and investigate findings; cannot modify policies or quarantine |
| Auditor | Read-only access to findings, audit log, and compliance reports |
| API-Only | SDK integration only; no dashboard access |

SSO is supported via SAML 2.0 and OIDC. Configure your identity provider in Dashboard → Settings → SSO.

Audit Log

Every action taken in Overwatch is logged: policy changes, quarantine actions, API key creation, member additions, and alert acknowledgements.

# Query audit log via API
GET /api/v1/overwatch/audit?
  from=2026-03-01&
  to=2026-03-24&
  actor=user_abc&
  action=policy_updated

# Export for SIEM
GET /api/v1/overwatch/audit/export?format=json&from=2026-03-01

Audit logs are immutable and retained for 12 months (Enterprise) or 90 days (Standard). Export to your SIEM (Splunk, Datadog, etc.) via webhook or scheduled export.

Self-Hosted Deployment

Run the full Overwatch stack in your own VPC. Available for Enterprise customers with air-gapped compliance requirements.

# Pull the Overwatch stack
docker pull scandar/overwatch:latest

# Configure with your environment
SCANDAR_LICENSE_KEY=lic_xxx
SCANDAR_DB_URL=postgresql://...
SCANDAR_REDIS_URL=redis://...

# Start the stack
docker compose -f overwatch.docker-compose.yml up -d

Note: Self-hosted deployments include: fleet server, kill-chain engine, compliance report generator, and the full dashboard. Contact sales@scandar.ai for deployment guides and license keys.

Overwatch API

All Overwatch features are available via REST API. Authenticate with your API key as a Bearer token.

| Endpoint | Description |
| --- | --- |
| GET /v1/overwatch/agents | List all registered agents |
| GET /v1/overwatch/agents/{id} | Get agent details and threat summary |
| POST /v1/overwatch/agents/{id}/quarantine | Quarantine an agent |
| GET /v1/overwatch/sessions | List sessions with findings |
| GET /v1/overwatch/graph | Get fleet graph (supports ?at= time travel) |
| GET /v1/overwatch/kill-chains | List active and resolved kill chains |
| GET /v1/overwatch/compliance/{framework} | Generate compliance report |
| GET /v1/overwatch/audit | Query audit log |
| POST /v1/overwatch/canary | Create canary token |
| POST /v1/overwatch/honeypot | Register honeypot tool |

For full API reference including request/response schemas, see the API Reference.
