Built from scratch - custom kernel minifilter with 70+ modules, behavioral engine with attack chain tracking , MITRE ATT&CK mapping and ETW Telemetry. Most of EDRs Kernel sensor is closed. Our kernel sensor and the usermode-agents fully open-source right now.(PhantomEDR PhantomXDR PhantomHome).