overview
FINAL SUMMARY
Big-picture explanations, quick reference material, and definitive orientation docs.
Context Rail
Tags and Themes
On This Page
Final Security Summary (Current State)
This is the consolidated, current-state summary for Mutant security.
1. What is fully in place
- Signed artifact verification paths and secure-mode signer-auth trusted-key path.
- Policy-driven tamper response (warn, delay, terminate).
- Protection profile defaults (minimal, standard, paranoid).
- Anti-debug and sandbox enforcement at pre-decode and pre-execution.
- Anti-tamper probe framework with confidence signals.
- Windows process-protection probes and runner threshold enforcement.
- VM runtime integrity probing and telemetry export.
- Remote process scan manager with runner observe/enforce integration.
2. What is partial
- Polymorphic engine: integrated, but advanced transforms remain gated.
- Memory hardening: active VM object encryption path plus additional wrapper primitives.
- Remote process scan detector depth: scanner contract/integration implemented, windows scanner currently scaffolding-safe no-op.
3. Operator-critical gates
- runtime setting=1 controls probe execution.
- runtime setting controls runner process-protection enforcement once probes are enabled.
- runtime setting and runtime setting control remote scan execution and enforcement semantics.
- --signer-auth enables trusted signer verification in secure mode.
- runtime setting and runtime setting determine policy outcomes.
4. Student learning path
- SECURITY_ANSWERS
- SECURITY_DIAGRAMS
- SECURITY_LLD
- PROCESS_INJECTION_DETECTION_LLD
- POLYMORPHIC_BYTECODE_LLD
5. Source-of-truth docs
- SECURITY_LLD
- SECURITY_LLD_TRACEABILITY
- ANTITAMPER_PROBE
- ANTITAMPER_PROBE_ENABLEMENT_LLD
- BINARY_ARTIFACT_SECURITY_DEEP_DIVE
- REMOTE_PROCESS_SCAN_DEEP_DIVE