This repository is an early security product MVP. Treat all deployments as test or lab deployments until the production hardening checklist is complete.
Only the default branch is supported during initial development.
Open a private security advisory at https://github.com/ContextualWisdomLab/wardnet/security/advisories/new or contact the repository maintainers through the ContextualWisdomLab organization.
Do not include live customer secrets, packet captures, credentials, or production payloads in public issues.
- The service binds to
127.0.0.1:8080by default. - Set
ADMIN_TOKENbefore exposing management APIs beyond localhost. - Use TLS and an upstream identity proxy before remote administration.
- Treat route, threat, DNSBL, license, and threat-feed POST/write APIs as privileged management surfaces.
- Treat AI-generated SOC recommendations as advisory until a human approves enforcement changes.
- Do not enable block mode against production traffic without route-specific rollback and allowlist procedures.
- Do not put
ADMIN_TOKEN, upstream credentials, or customer payload secrets into support bundles or public issues.