Behavioral runtime security for web applications.
Tellsign is coming.
TLDR: Anomalous behavior logged or prevented.
Basically, a whitelist of acceptable functionality.
Anything else gets logged or guarded against.
Tellsign learns how your application actually executes during testing — every method call, argument type, and execution path — then watches production for deviations.
When runtime behavior diverges from the trained baseline, it flags it.
The deviation is either a gap in your test coverage or an attacker doing something your developers never anticipated. Both are valuable signals.
In production, every request is traced.
New execution paths trigger a log event.
Configurable via TOML: inclusion and exclusion rules, custom value types, pattern matching, extensions.
Logs can be piped to any LLM provider for analysis using the customer's own API tokens.
Optional Guard mode errors out on anomalous behavior, turning detection into prevention.
Cheers!