The goal was to build something lightweight that explains activity in plain language, without the noise or complexity of full security suites. It currently highlights things like:
- unusual or suspicious processes
- unexpected outbound network activity
- changes to scheduled tasks
- security‑relevant system events
It also loosely maps some behaviours to common MITRE ATT&CK techniques to give a bit more context about what might be happening.
This is just a personal project I’ve been tinkering with, and I’d really appreciate feedback from anyone interested in Windows internals, visibility tooling, or lightweight monitoring approaches.
If you want to try it, here’s the link: www.sapience-tech.com