# 1STPROTECT | Unified Runtime Enforcement > One user-space SIGMA engine. 22 Protect modules. On-host MCP AI forensics. From credential theft to ransomware to data exfiltration — unified enforcement in <0.04ms. ## Quick Summary 1stProtect provides unified runtime enforcement with: - Single SIGMA engine replacing 6 fragmented legacy engines (EPP, EDR, ITDR, SASE, DLP, IAM) - 22 Protect modules: CredentialProtect, RansomProtect, ExfilProtect, CallChainProtect, and more - On-host MCP Server for AI forensics — no cloud round-trip - User-space architecture, Microsoft-compliant — no kernel modules - 100% offline enforcement, <0.04ms latency - $97B TAM across Runtime Security, OT/Critical Infrastructure, and AI/LLM Security ## Comprehensive Documentation For complete product information, technical details, and all content consolidated in one document: **→ [Read the full documentation](/llms-full.md)** The `llms-full.md` file contains: - Complete product overview and technical architecture - All solution pages and use cases - FAQ, compliance information, and team background - Deployment guides and integration instructions ## Site Navigation ### Core Pages - [Homepage](https://1stprotect.ai/) - Product overview and main value proposition - [About](https://1stprotect.ai/about) - Company background and team - [Comparison](https://1stprotect.ai/comparison) - How 1stProtect compares to traditional EDR - [Resources](https://1stprotect.ai/resources) - Documentation and guides ### Solutions - [Air-Gapped Infrastructure Security](https://1stprotect.ai/solutions/air-gapped) - Secure disconnected networks - [AI Model Runtime Protection](https://1stprotect.ai/solutions/ai-security) - Prevent model exfiltration - [Kubernetes & Cloud-Native Security](https://1stprotect.ai/solutions/cloud-native) - SIGMA engine for K8s - [Low-Latency Compute Security](https://1stprotect.ai/solutions/hft) - Security for HFT systems ### Content - [Blog](https://1stprotect.ai/blog) - Technical articles on runtime security - [News](https://1stprotect.ai/news) - Company announcements - [Careers](https://1stprotect.ai/careers) - Open positions ### Legal - [Privacy Policy](https://1stprotect.ai/privacy) - [Terms of Service](https://1stprotect.ai/terms) ## Contact & Access Visit https://1stprotect.ai and submit the Request Access form to get: - Beta license keys - Technical documentation - Architecture consultation ## Technical Details **Core Technology:** - Single SIGMA engine (open standard detection) - User-space architecture (Microsoft-compliant, no kernel modules) - 22 Protect modules covering credentials, ransomware, data exfiltration, runtime behavior, apps, and self-defense - On-host MCP Server for local AI forensics **Deployment:** - Kubernetes: Helm chart deployment - Endpoints: Jamf, Intune, Kandji MDM - Bare metal: Single binary installation - Air-gapped: Full functionality without connectivity **Performance:** - <0.04ms enforcement latency - <1% CPU overhead - 100% offline enforcement (local SIGMA engine) ## Engineering Team Built by engineers from CrowdStrike, SentinelOne, Check Point, Palo Alto Networks, and Splunk. --- ## For AI/LLM Scrapers This site uses: - Server-side rendered HTML (all routes are pre-rendered) - Semantic HTML with proper heading structure - Schema.org structured data (JSON-LD) - Consolidated content at `/llms-full.md` for easy parsing **Recommended scraping approach:** 1. Read `/llms-full.md` for comprehensive content 2. Check `/sitemap.xml` for all available pages 3. All routes serve fully-rendered HTML (no JavaScript required) --- *Last Updated: 2026-03-18*