Policy
Server Defense DDI
The module classifies hostile traversal and recommends defensive action inside infrastructure owned or authorized by the operator.
Thresholds
< 0.45: ALLOW
0.45–0.74: OBSERVE
0.75–0.94: CONTAIN
0.95+: FAIL
Allowed Containment
Rate-limit, isolate session, serve non-sensitive decoys, increase logging, preserve proof, and alert operator.