Security model

Built to protect the protected site.

Security controls are layered across tenant access, agent identity, evidence handling, AI processing, and local policy enforcement.

Tenant isolation

Every operational record belongs to an organization and every request is authorized against the active membership.

Signed agent traffic

Unique per-site keys, timestamps, nonces, body hashes, and idempotency protect the plugin contract.

Secure sessions

HttpOnly cookies, server-side sessions, CSRF protection, Argon2id passwords, progressive throttling, and remote logout.

Evidence minimization

Suspicious-only capture, strict caps, credential removal, output encoding, and 30-day raw-event retention.

Bounded enforcement

Seven-day observation, protected ranges, confidence gates, TTLs, previews, acknowledgements, and rollback.

Safe decoys

Only inert HTTP routes—no real shells, SSH, databases, executable payloads, or stored fake-login passwords.

Responsible scope

Honeypots without dangerous services.

SmartHoneyAI deliberately avoids real SSH, database, shell, or malware-sandbox exposure. It detects application-layer probing through inert WordPress routes, giving teams useful signals without introducing a new attack surface.

Make every WordPress site a smarter sensor.

Join the controlled pilot and see coordinated threat intelligence across your portfolio.

Request pilot access