Agent Runtime Security + Observability

Monitor AI AgentsAt the Kernel Layer

Traditional instrumentation misses agent behavior happening in subprocesses and tools like curl. Metoro uses eBPF to capture every request, action, and anomaly across your agent runtime.

Get started

Free trial available. No code instrumentation required.

The Problem

Monitoring AI Agents Is A New Runtime Problem

Instrumentation gap

No Instrumentation Point

Traditional applications emit telemetry from known code paths. AI agents call arbitrary programs and tools, where there is no reliable instrumentation point.

How can we see what agents are doing without instrumenting every application and tool?

telemetry_path_view

Regular application

Agents

Instrumented application request

user

api

otel-sdk

dashboard

Telemetry emitted from app hooks

Known app path: telemetry is captured from instrumented code.

Dynamic dependencies

Unknown Dependencies And Call Paths

Agents are useful only when they can access external systems and execute real actions. Dependencies and call patterns are dynamic, broad, and difficult to model ahead of time.

How can we follow this dynamic execution chain to understand what agents are doing?

dynamic_dependency_graph

Execution path changes every request

agent

python

bash

ruby

node

curl

http client

llm sdk

internal api

openai

webhook

Current executionlive path

agent->python->curl->internal-api

Dependency maps are non-deterministic for agents, so fixed service-level assumptions break down.

Execution risk

Arbitrary Execution Risk

You are no longer only running trusted code your team wrote. Autonomous agents can execute untrusted behavior that affects security, availability, and external systems.

Agents are running arbitrary code on your infrastructure, you need to be able to react to what it's doing in real time and shut it down if necessary.

runtime_risk_monitor

User

submits malicious ddos agent

Company infra

awaiting submission

contains

Agent runtime

idle

usa.gov

external service

Egress rate0 req/s

Current stage1/5

User submits an agent package for execution inside company infrastructure.

Regular outbound traffic.

The Solution

Observe Once At The Kernel

eBPF instrumentation at the kernel layer captures what every agent process is doing, regardless of language, framework, or toolchain. Instead of chasing instrumentation across apps and scripts, you monitor the common syscall boundary.

request_flow_capture

Execution path via kernel syscall layer

agent

python

bash

node

ruby

curl

http client

kernel syscall

internal api

webhook

Current capture pathlive path

agent->

python->

http client->

kernel syscall->

internal api

Outbound calls may vary, but every request path crosses the kernel syscall layer before destination APIs.

kernel_capture_path

Single capture point for every program

AI Agent Processpython/ruby/node

Program Executionshell / curl / browser

libc Wrappernetwork / io calls

Socket Syscallkernel boundary

eBPF Probecapture at source

Metoro Pipelinenormalized telemetry

Capabilities

What You Can Do With AI Agent Monitoring

Built-In LLM Query Inspection

Inspect prompts and responses for every AI agent request across languages and frameworks. Capture model traffic without SDK-specific hooks.

llm_request_inspection

Provider agnostic prompt + response capture

python-agent

provider: gemini

ruby-agent

provider: openai

eBPF inspection stream

Captured payload

prompt="Summarize incident timeline"

response="Root cause points to DNS timeout..."

Audit Log For All Agent Actions

Track process creation, outbound requests, resource spikes, and model calls in one sequence so incidents can be reconstructed accurately.

agent_audit_timeline

Immutable sequence of every action

spawn process

/bin/bash -lc

network request

POST api.openai.com

resource spike

cpu +72%

llm response

status=200

External Request Visibility Everywhere

See every outbound request made by scripts, CLIs, and browser automation from agent runtimes in one consistent stream.

egress_capture_matrix

Any external request, any runtime

python script

curl cli

headless browser

eBPF capture

Captured external streams: 1/3

Automatic Malicious Activity Detection

Use out-of-the-box and custom detections to identify suspicious behavior like abnormal request bursts, policy violations, and high-risk command patterns.

threat_detection_engine

Out-of-box detections + custom rules

Baseline traffic patterns still normal.

22 rps

No detection rule triggered

Built-In Reactions To Threats

Respond immediately by blocking requests, notifying teams, or terminating agent execution when malicious activity is confirmed.

automated_reactions

Respond in real-time when policy is violated

Block Requestdrop malicious egress

Alert Teamnotify on-call + slack

Kill Agentterminate pod

Awaiting policy trigger...

Customer Feedback

What Are Teams Saying?

"Running Agents is our core business, and Metoro has been a game-changer for us. Before we were flying blind, now we have a clear view of what our agents are doing and can take action when something goes wrong."

Alex Goddijn - Founder - Fern Labs

"In the last week, we've detected and blocked 10 malicious agents that were running on our infrastructure. Without Metoro, they would still likely be running."

Joe Hewett - Founder - Asteroid

"Anyone running user agents on their infrastructure needs a solution like Metoro, it's just a case of when, not if a malicious agent will be running."

Kevin Kim - CTO - Remy Security

Trusted by hundreds of the best at

Book a demo

See how Metoro tracks agent behavior end-to-end and deploys in minutes on your Kubernetes clusters.

Get started

SUPPORT

Frequently Asked Questions About AI Agent Monitoring

Everything you need to know about the product and billing. Can't find the answer you're looking for? Ask us on our Slack Community.

What scale of traffic does Metoro support?

Metoro is running in production on clusters with 1000s of nodes and billions of requests per day.

Does Metoro run on-premises?

Yes. Metoro can be deployed on-premises or in any cloud provider. As long as Kubernetes is available, Metoro can be deployed.

How much does Metoro cost?

Metoro has a free tier for hobbyists. For cloud users pricing starts at $20/node/month. On-premises deployments are priced based on support level and deployment complexity.

What levels of the network stack does Metoro observe?

Metoro primarily observes L4 and L7 protocols, including HTTP, HTTPS, gRPC, and more.

Does Metoro offer pilots?

Yes. Metoro generally offers a free 30-day pilot for customers who want to evaluate the product with support from a dedicated engineer.