← GUMP
Dissonance
Behavioral detection layer.
$2,999/mo
Dissonance monitors your system's behavior — CPU, memory, network, processes — and detects when it changes. Not by matching known threats. By detecting when your system stops behaving like itself.
Healthy systems are predictable. Attacks introduce instability — spikes, drifts, broken relationships between metrics. ML-based detection needs examples of attacks. Dissonance doesn't. It models the system itself, not the threat. Detects attacks with no prior signature by identifying regime shifts in system behavior. 30/30 attack scenarios detected — including low-and-slow creeps, time bombs, and evasion attempts.
One deployment, flat rate. Replaces per-endpoint pricing across your entire fleet.
WHAT YOU GET
System coherence monitoring: how tightly your metrics move together
Regime detection: normal → watch → alert
Baseline learning (auto or manual)
Anomaly scoring with z-score severity
File integrity monitoring (hash-based)
File deletion + modification detection
Connection surge detection (port scans, DDoS)
Memory leak detection (slow drift)
Neural Engine pattern recognition for regime classification
Hardware-signed alerts via Secure Enclave (tamper-proof)
BENCHMARKS
Attack detection (30 test scenarios)
Cryptominer (CPU creep): detected
Ransomware (disk I/O spike): detected
DDoS (connection surge): detected
Port scan: detected
Data exfiltration: detected
Low-and-slow CPU creep: detected
Memory staircase: detected
Time bomb (dormant→active): detected
Config file poisoning: detected
Hidden dotfile dropped: detected
False positive control
Deployment spike (CPU 70%): flagged CPU (correct), not processes (correct)
Backup job (disk I/O): flagged (can't distinguish from ransomware — honest limit)
30 attack patterns tested across metric anomalies, file integrity, and creative evasion techniques. File integrity catches single-line config changes and hidden files.
WHAT THIS IS / WHAT THIS ISN'T
WHAT THIS IS
A behavioral anomaly detector for system metrics. Learns your baseline, monitors for deviations. Uses spectral analysis (K/R/E/T) for regime detection — coherent, transitional, volatile. File integrity monitoring via SHA-256 hashing. Everything runs locally. No agent phoning home to a cloud.
WHAT THIS ISN'T
An endpoint protection platform. No antivirus scanning, no malware signatures, no firewall rules, no SIEM integration (yet). This is the detection layer, not the response layer. Pair with your existing security stack — Dissonance tells you WHEN something changed, your team decides WHAT to do about it.
YEAH BUT
"CrowdStrike already does endpoint detection."
Correct — for known threats. Dissonance detects when something new happens. Different layer, complementary tools.
"How can physics detect hackers?"
A healthy system has consistent behavior — stable CPU, predictable memory, normal connection count. An attack disrupts that pattern. Dissonance measures the coupling (K) and order (R) of your system metrics. When K drops and R drops, the system left its normal regime. Something changed. The math doesn't need to know what a hacker looks like — it knows what YOUR system looks like.
"File integrity monitoring is basic."
The file integrity is table stakes. The spectral regime detection is the edge. Traditional FIM tells you a file changed. Dissonance tells you your SYSTEM changed — across every metric simultaneously. A rootkit that stays within normal file access patterns but shifts CPU coupling? Dissonance catches it. FIM alone doesn't.
SELF-MONITORING BY DESIGN
If Dissonance is tampered with, its own behavior changes — and that change is detectable. A corrupted baseline shifts the alert frequency. That shift is caught by the same detection framework. A compromised security monitor can't hide because the compromise changes the signal. Tested: corrupted baseline detected at 3.3σ.
VS THE COMPETITION
CrowdStrike Falcon
$5-15/endpoint/mo basic. Enterprise $50K+/yr. Cloud-dependent. Signature + ML-based.
Dissonance: $2,999/mo flat. Runs locally. Physics-based. Zero-day by design.
SentinelOne
$6-12/endpoint/mo. Cloud AI for detection. Per-endpoint pricing scales with fleet.
Dissonance: flat rate. No per-endpoint scaling. Spectral anomaly detection.
OSSEC / Wazuh
Free / open source. Rule-based FIM and log analysis. Requires significant setup.
Dissonance: spectral layer on top. The K/R/E/T analysis that rules-based tools can't do.
TESTING
Unit tests, adversarial input testing (None, wrong types, NaN, empty data, unicode), real user workflow testing, and cross-product integration testing. Every public function handles every input permutation without crashing. 673 quality tests across all products, zero failures. Self-verifying: the product can audit its own output.
By purchasing you agree to our Terms of Service
Get Dissonance — $2,999/mo
After purchase: setup guide
INSTALL
pip install begump
from gump.dissonance import *