Agent Shield
Agent Shield provides network policy enforcement and security monitoring for Agent Computers.
Isolation
Section titled “Isolation”Every Agent Computer is isolated — dedicated kernel, separate memory/disk/network namespace. Network egress is filtered per-organization policy.
Network Policies
Section titled “Network Policies”Network policies control which external domains an Agent Computer can reach. Policies are set at the organization level and apply to all computers in the organization.
Configure at: Settings > Security > Network Policy
Allowlist Modes
Section titled “Allowlist Modes”| Mode | Behavior |
|---|---|
| Package Managers Only (default) | Allows AI provider APIs, GitHub, and package registries. Blocks everything else. |
| All Domains | No egress restrictions. The agent can reach any domain. |
| None | Blocks all external domains. Add specific domains manually. |
Default allowlist (Package Managers Only mode):
| Category | Domains |
|---|---|
| AI services | api.anthropic.com, api.openai.com, generativelanguage.googleapis.com |
| Code hosting | github.com |
| NPM | registry.npmjs.org, npmjs.com |
| Python | pypi.org, files.pythonhosted.org |
| Rust | crates.io, index.crates.io |
| System | archive.ubuntu.com, security.ubuntu.com |
Custom Domains
Section titled “Custom Domains”In Package Managers Only and None modes, you can add additional domains your agents need to access — internal APIs, specific SaaS services, or any other endpoint required by your workflows.
Monitoring
Section titled “Monitoring”Shield monitors every network connection made by agents running inside Agent Computers.
What it captures
Section titled “What it captures”- Process-attributed connections — every TCP connect is tagged with the process name and full process lineage
- DNS resolution — domain names are correlated to IP connections, so you see
api.github.cominstead of raw IPs - Byte accounting — total bytes sent and received per connection
- Connection lifecycle — connect attempts, results, and close summaries
Installation
Section titled “Installation”Shield is version-managed by the Rebyte platform. When monitoring is enabled for your organization:
- Shield is automatically installed on every new computer at creation time
- Existing computers receive Shield on their next resume
- Version updates are applied automatically
Security Dashboard
Section titled “Security Dashboard”The security dashboard provides real-time visibility into agent network activity across your organization.
Risk Scoring
Section titled “Risk Scoring”Each computer is assigned a risk score based on its network behavior. Computers with unusual connection patterns — high volumes of outbound data, connections to uncategorized domains, or access to sensitive services — are flagged for review.
Traffic Classification
Section titled “Traffic Classification”| Category | Examples |
|---|---|
| Trusted | Your explicitly allowed domains |
| Provider | AI provider APIs (Anthropic, OpenAI, Google) |
| Benign | Package registries, documentation sites |
| Suspicious | Uncategorized or unusual destinations |
Finding Management
Section titled “Finding Management”| State | Meaning |
|---|---|
| New | Automatically generated, not yet reviewed |
| Open | Acknowledged, under investigation |
| Triaged | Assessed, assigned a priority |
| Muted | Suppressed (known false positive or accepted risk) |
| Resolved | Addressed, no further action needed |
Coverage Tracking
Section titled “Coverage Tracking”The dashboard shows which computers in your organization have Shield installed and which do not, so you can verify that monitoring coverage is complete.
Enterprise use cases
Section titled “Enterprise use cases”- Audit trail — every connection is recorded with process attribution, timestamps, byte counts.
- Data exfiltration prevention — domain allowlisting with default-deny mode.
- Incident investigation — search exact connections by computer and time window. Process lineage shows which subprocess initiated each connection.
- Compliance — SOC 2, ISO 27001, internal security policies.