I spent the whole day fixing up my backend systems; with the associated front-end accoutrements, as they say.
The security telemetry and console UI are finally getting close to usable; not enterprise-ready yet, but sitting nicely in that sweet mid-tier space. Clean graphs; trace links that actually resolve; logs that don’t babysit you for once.
Hemi; the Concierge That Learned Defense
Hemi’s telemetry is now clean, fast, and resilient.
Local queue with progressive backoff; trace IDs that follow a session from browser to backend; behavioral tagging that picks up jitter, spikes, and weird message patterns before they stack.
Every event comes through as compact JSON. No wasted fields. No confusion. Just proof.
Admin; Real Controls, No Click Theater
Short-lived tokens; action-level roles; and a breakglass mode that issues 15-minute creds, logs every command, and opens a review ticket on its own.
Canary metadata sits right in the console; if the error rate spikes over 3× baseline, rollback is one click.
Ops feels fast again; and still safe.
Honeypots; Deception With Receipts
They look real enough to get touched. Every hit generates structured evidence; headers, body, timing, fingerprint hash.
The classifier sorts hits in milliseconds; anything above 0.9 confidence quarantines itself; borderline cases go to review.
It’s adaptive deception that collects evidence, not noise.
Runtime and Network
CSP locks out inline scripts; WAF tuned to probe patterns; rate limits at 10 req/s per IP with controlled bursts.
Microsegmentation limits how far an exploit can run; secrets rotate in an encrypted vault automatically or on demand.
CI and Deploys
CI blocks flagged dependencies; policy checks stop bad builds early.
Canary deploys hit 5% traffic for 30 minutes; live anomaly detection tracks error spikes, latency, and CPU.
If something smells wrong, rollback triggers instantly; and leaves a full trail.
Automation and Triage
Telemetry → feature extraction → classifier → queue.
Playbooks run as scripts; safe tasks execute automatically; risky ones open a ticket with full traces attached.
Signal flows straight to action; no waiting for humans to dig through noise.
Why Small Teams Should Care
No SOC required. No enterprise contract nonsense.
Just tools that give you evidence when things go wrong; faster recovery when they do; and a smaller surface for anyone trying to break in.
Free Light Beta Soon
In a few weeks, I’m dropping a free light beta; includes the telemetry core, admin tools, and honeypot basics so small teams can test it on real traffic and tell me where it hurts.
If you want a peek, check out formant.ca and ask Hemi yourself about his new security systems.
He’ll actually answer.
Yes, I did this solo.
Tyler Johnston-Kent
Tyler@formant.ca
Top comments (0)