# Arca.Vision > Kernel-level governance for AI infrastructure. Patent-pending eBPF interception of GPU driver calls — host-native, microsecond-grained, zero code changes. Arca.Vision is a patent-pending, host-native kernel governance layer for GPU-accelerated AI infrastructure. The product attaches into the Linux host kernel via Aya-compiled eBPF, intercepts every `cudaLaunchKernel` and `ioctl(2)`, and runs an on-host Phi-3 small language model that scores suspect ioctls for data-exfiltration intent. Deployment is white-glove: Arca.Vision engineers install and tune the Sentry on customer hosts (bare metal, AWS EC2, GCP Vertex, private cloud), then stay on call. Customers receive a turn-key Grafana + Prometheus dashboard. ## Pages - [Overview](https://arca.vision/): the landing page. Covers positioning, the three primitives (Nvidia Hook · Zombie Sentry · Exfiltration Gate), product shapes (The Auditor · The Sentry), white-glove integration steps, and the live sentry feed showing the kernel heartbeat. - [Products](https://arca.vision/products): The Auditor (forensic engagement, 1–4 weeks, signed report) and The Sentry (continuous host-native defense). Includes the engagement-vs-engagement specification matrix. - [Features](https://arca.vision/features): in-depth spec of the three primitives — the Nvidia Hook (kernel-level eBPF interception of CUDA + ioctl), the Zombie Sentry (sliding-window kill switch for hung GPU agents, ~20% compute reclaim), the Exfiltration Gate (heuristic + on-host Phi-3 mini SLM scoring ioctl intent without host egress). - [Use Cases](https://arca.vision/use-cases): three regulated verticals where userspace observability is a liability — high-compliance healthcare (HIPAA · NOM-024 · FDA SaMD), financial services (SOC 2 · PCI-DSS · FFIEC), and autonomous robotics (ISO 26262 · IEC 61508 · DO-178C). - [About](https://arca.vision/about): thesis, the four engineering phases (Hook · Zombie Sentry · Exfiltration Gate · The Pane), patent posture, and how Arca.Vision ships (white-glove, not self-serve). - [FAQ](https://arca.vision/faq): engineering questions on eBPF overhead, IP and patents, and on-host SLM privacy. - [Contact](https://arca.vision/contact): the form for scoping calls and deployment inquiries. ## Stack - Rust workspace built with Aya-compiled eBPF programs. - Two probes: a uprobe on `libcuda.so:cudaLaunchKernel` and a tracepoint on `syscalls:sys_enter_ioctl`. - On-host Phi-3 mini Q4_K_M (or Llama-3-8B) via `llama-cpp-2`. - Prometheus exporter on `127.0.0.1:9464/metrics` plus a turn-key Grafana dashboard provisioned during deployment. ## Distribution - Form: white-glove integration. Arca.Vision engineers deploy the Sentry onto customer hosts. There is no public download or self-serve install. - Environments: Linux host-native — bare metal, AWS EC2, GCP Vertex, private cloud. - Source: proprietary. Not open source. Patent-pending. ## Contact Email: observer@arca.vision Site: https://arca.vision