Technical blog

AI agent security, eBPF, and compliance

Technical articles written by the engineers building H7. No marketing copy — only things we can demonstrate at the kernel layer.

eBPFLiving-off-the-Land3 June 2026 · 8 min read

Detecting Living-off-the-Land attacks at the kernel layer with eBPF

LOTL attacks use only legitimate OS syscalls — already whitelisted by EDR. Here is why behavioral sequence analysis at the eBPF layer catches them when everything else misses.

Read article →

DORAcompliance3 June 2026 · 6 min read

DORA Art. 17 evidence for AI agents: what an auditor actually needs

DORA has been in force since January 2025. Here is a precise mapping of what Art. 17 requires for ICT incident documentation, and how a signed .cal certificate satisfies each requirement.

Read article →