Komainu One 3.1.0-enhanced

Advanced Linux malware defense for teams that need clarity

Continuously monitor every process, surface suspicious activity fast, and keep resource impact low.

Automated learning, real-time alerts, and privacy-first workflows stay on-prem while you stay in control.

✓ Automatic training ✓ Memory SSDeep ✓ Quantum fingerprints ✓ Threat intel

  • 15,847 processes scanned per day
  • 98% detection accuracy (hybrid ML)
  • <5% CPU usage impact on modern servers
  • 1,000+ processes analyzed every second

Quick Start: Komainu One CLI

Run real-time memory telemetry with automatic ML training in just a few commands. Komainu One ships as a Rust CLI that inspects every process, hashes memory regions with SSDeep, and reports anomalies through the hybrid ensemble.

  • Single binary deploy: `cargo build --release`, then run from `target/release/memory_scanner`
  • Hybrid ML: SVM + Random Forest + online learner with adaptive thresholds
  • Threat Intel: Optional AWS Lambda hash verification and unknown hash reporting
  • Privacy-first telemetry: Only ssdeep fingerprints and quantum metrics leave the host

Elevate detections instantly: run a batch scan to bootstrap learning, then keep monitoring with `monitor --async --use-hybrid-ml --verify-hashes`.

Terminal Demo

Copy & paste to start scanning

```bash
sudo ./target/release/memory_scanner scan --all \
  --use-hybrid-ml --verify-hashes

sudo ./target/release/memory_scanner monitor \
  --async --ml-threshold 0.85 \
  --use-hybrid-ml --log-all --interval 2000
```

Sample output

```
🚨 SUSPICIOUS PID: 4321 (python3.11)
Memory SSDeep Summary: 6 regions | low-sim 2 | max anomaly 0.82
Executable Quantum Fingerprint: overlap 0.904, anomaly 0.09
```

Automatic learning: models retrain every 50 samples, persist high accuracy ensembles, and adapt thresholds to keep false positives under 1%.

Why Teams Deploy Komainu One

Every component is engineered for Linux defenders who need continuous evidence, low overhead, and explainable ML signals.

Hybrid ML Classifier

SVM + Random Forest + online learner voting with adaptive thresholds, performance tracking, and auto retraining every 50 labeled samples.

Accuracy: 0.98 ensemble / 0.02 false positives

Memory SSDeep & Quantum Fingerprinting

Per-region SSDeep hashes, similarity drift, entropy/χ² metrics, and quantum overlap heuristics reveal fileless payloads and polymorphic implants.

Telemetry: Region summaries + anomaly flags in CLI & JSON

Threat Intelligence Integration

SHA-256 verification, unknown-hash reporting, and SIEM-ready JSON export via AWS Lambda endpoints with retries, caching, and GDPR-safe payloads.

Automation: Hash lookup, classification, reporting hooks

About Us

We have been creating software since 1998.

Our Story

Since 1998 we have helped operators secure large Linux estates. Komainu One is the result of years spent combining mathematical telemetry (Shannon entropy, chi-square) with hybrid ML pipelines that can run on bare-metal servers without agents or cloud uploads.

We build in Rust, prioritize privacy, and publish transparent documentation so security teams can audit every step—from memory sampling to hash verification workflows.

Our Philosophy

Detections must be explainable, portable, and fast.

Sean Ngu
Martin Founder and CEO

Our Experience

  • Entropy & statistical analysis: 95%
  • Hybrid ML engineering: 90%
  • Threat intelligence pipelines: 85%
  • Linux telemetry & hardening: 80%

Our Team

Researchers, ML engineers, kernel developers, and threat intelligence analysts collaborate on every Komainu One release to ensure math, models, and operations stay aligned.

Komainu One vs Traditional Agents

See how our revolutionary approach outperforms legacy signature-based solutions

| Feature | Komainu One | Traditional AV |
|---|---|---|
| Hybrid ML Detection | SVM + RF + online learner ensemble | Single engine, manual tuning |
| Memory Telemetry | SSDeep + quantum fingerprints per region | Executable-only inspection |
| Privacy & Hash Sharing | Only fuzzy hashes + telemetry leave host | Uploads binaries to cloud services |
| Performance & Automation | <5% CPU, CLI automation, JSON exports | High agent overhead, limited APIs |

Technical Resources

Deep dive into the Shannon entropy + chi-square pipeline, per-region SSDeep telemetry, quantum fingerprints, and the hybrid SVM/Random Forest/online ensemble that power Komainu One.

Hybrid ML Classifier Guide

Dive into the ensemble (SVM, Random Forest, online learner) that powers Komainu One. Understand adaptive thresholds, automatic retraining, feature importance, and confidence scoring for every prediction.

Key metrics: accuracy, precision/recall, F1, false positive rate, per-model weights
  • Auto training from monitoring sessions
  • Manual train/test workflows with JSON datasets
  • Predict + explain mode for PID investigations

Memory SSDeep & Quantum Fingerprinting

Understand how Komainu One fingerprints every mapped region, compares similarity against `/proc/PID/exe`, and enriches reports with quantum overlap, interference, and anomaly flags.

Technical note: Region telemetry feeds threat reports, JSON exports, and ML feedback without transmitting raw memory.
  • Low-similarity region counts
  • Quantum anomaly heuristics
  • Export-ready telemetry snippets

Threat Intelligence & Reporting

Leverage Lambda-backed hash verification, unknown hash reporting, SIEM exports, and reporting hooks that keep sensitive payloads on-prem while still feeding your global intelligence pipeline.

Automated lookups

Retry, caching, and batching keep APIs responsive

Telemetry context

Entropy, SSDeep, and quantum fields enrich every report

Compliance ready

GDPR-safe payload design + audit logging

README

Full overview of features, requirements, and quick start (v3.1.0-enhanced).

Bundled in repo

Complete Documentation

Configuration guide, monitoring tips, cache details, and API references.

DOCUMENTATION.md

Training Guide

Step-by-step instructions for automatic and manual hybrid ML training workflows.

TRAINING_GUIDE.md

What Security Experts Say

Trusted by cybersecurity professionals and system administrators worldwide

"Komainu One finally gives us telemetry we can defend in audits—entropy traces, SSDeep drift, and ML explanations in one report."
Jozef, Principal Security Engineer

Live Threat Intelligence

Hash verification, unknown-hash reporting, and telemetry-rich exports powered by AWS Lambda.

Recent Threat Detections

CRITICAL Linux.Trojan.Mirai.Variant
2 minutes ago

Entropy: 7.8/8.0 | SSDeep sim 12% | ML score 0.94

HIGH ELF.Cryptominer.Unknown
7 minutes ago

Entropy: 6.9/8.0 | Quantum anomaly 0.71 | Hash unknown

MEDIUM Linux.Backdoor.Custom
12 minutes ago

Entropy: 5.4/8.0 | Similarity drift 58% | Hash verified clean

  • 3 threats detected (last 24h)
  • 0 false positives logged
  • 102/s processes scanned

Simple, Transparent Pricing

Start protecting your Linux servers today. No hidden fees, no long-term contracts.
30-day money-back guarantee on all plans.

  • Community (Open Source)

    FREE self-hosted
    • Entropy + chi-square scanning
    • Hybrid ML auto training
    • CLI monitor & JSON export
    • Memory SSDeep + quantum metrics
    • Community documentation
    • Official support SLA
    • Managed Lambda endpoints
  • Professional Support

    $9.99 per server/month
    • Guided deployment + tuning
    • Managed hash verification endpoints
    • Custom configuration templates
    • Priority troubleshooting + audits
    • Webhook & SIEM integrations
    • Feature preview builds
    • Dedicated success engineer
  • Enterprise Platform

    Custom contact us
    • Everything in Professional
    • On-prem threat intel services
    • Custom ML retraining pipelines
    • Executive reporting dashboards
    • Compliance + red-team workshops
    • 24/7 response with SLA
    • Volume + air-gapped options

Trusted by Security Professionals Worldwide

SOC 2 Compliant
GDPR Ready
256-bit Encryption
99.9% Uptime SLA

Contact the Komainu One Team

Need help planning a rollout, tuning hybrid ML thresholds, or integrating threat intelligence? Reach out and we'll connect you with an engineer.

For architecture reviews, workshops, or support, use the form or email below.

For application support, use the contact for that application.

INVEXTA Group, Ltd.
Františka Janáčka 2693
688 01 Uherský Brod
Czech Republic

574 414 937 024+
[email protected]