Skip to main content

Documentation Index

Fetch the complete documentation index at: https://quintsecurity.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Intelligence

Quint’s intelligence layer is the reason the platform sees more than a passive EDR. Two systems work together:

Behavioral Intelligence (Tier 1)

Per-agent statistical scoring. Every tool call is scored against the agent’s behavioral baseline, flagged deviations trigger escalations, and threat signatures are distilled into fleet-wide rules. Pipeline:
  1. Scoring pipeline — 4 gates (deny list, capability policy, rate limit, behavioral Bloom) + Gate 5 (corroboration)
  2. Agent fingerprint — stable identity across sessions, derived from model + platform + tool inventory
  3. Session relationships — parent/child spawns, model divergence, sub-agent detection
  4. Baseline floors — minimum signal required before an agent can be scored
  5. Threat signatures — distilled patterns pushed to every proxy in the fleet
See Behavioral → Overview for the full pipeline.

Graph Intelligence (Tier 2)

Structural pattern detection that Tier 1 can’t express. Actions are materialized as a property graph in Memgraph, and a Variational Graph Autoencoder (VGAE) scores session subgraphs for anomaly. Pipeline:
  1. Action graph — nodes: Action, Session, Agent, Resource; edges: NEXT, BELONGS_TO, STARTED_BY
  2. GNN features — 143-dim feature vector per action (capability, temporal, rule firings)
  3. VGAE anomaly score — reconstruction error normalized to [0, 1]
  4. Signature distillation — high-anomaly sessions → structural ThreatSignature → fleet push
See Graph → Overview for the graph schema and GNN architecture.

How they compose

Tier 1 handles the common case fast (single-event decisions in under 35ms). Tier 2 runs asynchronously on session graphs for anomaly detection that catches novel patterns. When Tier 2 finds something interesting, it distills the pattern and pushes it back to Tier 1’s rule matcher — closing the feedback loop.

Where to go next

Behavioral Pipeline

The 4-gate + Gate 5 scoring flow

Graph Schema

Nodes, edges, and ingestion

Threat Signatures

How patterns distill and propagate

Scoring Algorithm

VGAE + rule engine composite score