Caddy + GoBPF

Sentinel: Production-grade edge security for every Caddy deployment.

Drop-in middleware that combines geo-based blocking, ML anomaly detection, async alerting, and Prometheus visibility, packaged with Docker/Kubernetes tooling.

Key capabilities

Threat-aware routing

114+ GoBPF endpoints integrate geo IP scoring, anomaly detection, and event correlation to drop risky flows before they reach your app containers.

Operational maturity

Multi-stage Docker image (~50 MB), Helm-friendly manifests with HPA and PodDisruptionBudgets, non-root execution, read-only filesystems, and health probes.

Actionable signals

Prometheus metrics, Grafana dashboards, Slack/webhook/file alert delivery, and structured JSON logs keep DevSecOps teams confident during incidents.

Problems Sentinel solves

Edge blind spots

Caddy powers dashboards, APIs, and proxies that often lack WAF-like controls. Sentinel adds geo-blocking, client reputation, and async threat caches without new infrastructure.

  • Example: a SaaS vendor blocks sanction-listed regions for specific API routes using a single Caddyfile stanza.

Alert fatigue

AlertDeliveryManager fans out enriched alerts to Slack, incident webhooks, or flat files, batching duplicates so responders see context instead of noise.

  • Example: a payments provider routes critical anomalies to PagerDuty while low-risk spikes write to S3 for later review.
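The batching described above, sketched as an added example rather than Sentinel's own AlertDeliveryManager code: alerts that share a fingerprint (rule plus client IP, an assumed key) collapse into one batch while they arrive inside a time window, and each batch is then fanned out once to the sinks registered for its severity. The Alert, Batch and Sink types are hypothetical stand-ins.

```go
package main

import "time"

// Alert is a constructed stand-in for an enriched Sentinel alert (hypothetical type).
type Alert struct {
	Severity, Rule, ClientIP string // e.g. "low", "geo_block", "203.0.113.5"
	At                       time.Time
}

// Batch is one representative alert plus how many duplicates it absorbed.
type Batch struct{ First Alert; Count int }

// Sink is a hypothetical delivery target (Slack, incident webhook, flat file).
type Sink func(Batch)

// fingerprint defines "duplicate": the same rule fired by the same client.
func fingerprint(a Alert) string { return a.Rule + "|" + a.ClientIP }

// Collapse folds alerts sharing a fingerprint into one Batch while they arrive
// within window of that batch's first alert; a later repeat opens a new batch.
// Alerts are assumed to be in arrival order.
func Collapse(alerts []Alert, window time.Duration) []Batch {
	var out []Batch
	open := map[string]int{} // fingerprint -> index into out
	for _, a := range alerts {
		fp := fingerprint(a)
		if i, ok := open[fp]; ok && a.At.Sub(out[i].First.At) <= window {
			out[i].Count++
			continue
		}
		open[fp] = len(out)
		out = append(out, Batch{First: a, Count: 1})
	}
	return out
}

// FanOut delivers each batch to every sink registered for its severity and
// returns the number of deliveries, so three repeats cost one message, not three.
func FanOut(batches []Batch, routes map[string][]Sink) int {
	n := 0
	for _, b := range batches {
		for _, s := range routes[b.First.Severity] {
			s(b)
			n++
		}
	}
	return n
}
```

A responder then sees "geo_block x3 from 203.0.113.5" once, while a repeat arriving after the window is surfaced again rather than silently swallowed.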

Observability gaps

Built-in metrics (`gobpf_caddy_requests_total`, blocked counts, threat detections) plus a Docker Compose demo stack let teams prove value before rollout.

  • Example: a gaming platform exports metrics into Prometheus to auto-scale Sentinel pods during tournament launches.