Skip to main content
Solo Developer · 2025 - Present

Real endpoint security for the schools and clinics that enterprise vendors ignore.

The security industry sells to enterprises and lets everyone else figure it out. A school district with one IT admin and FERPA obligations has no path to real endpoint protection without spending enterprise money or hiring a security engineer. Bastion is a Rust-based EDR built for that gap: seven detection layers, compliance from day one, at a price smaller organizations can actually pay.

$30-50per endpoint / mo$5-8per endpoint / mo
RustAxumTonic gRPCSurrealDBYARA-XTokio

Wazuh is free and capable. It needs a security engineer to deploy.

CrowdStrike Go starts at $5/endpoint. It assumes modern hardware.

Bastion runs on 2015 lab machines. No security team required.

School labs running Windows 7 on hardware from 2015

Rural clinics with HIPAA obligations and no IT staff

Wazuh deployed once, never maintained, silently failing

CrowdStrike Go capped at 100 endpoints. Most districts have more.

All layers execute concurrently via Tokio::spawn — total time = slowest layer, not sum

STATICpass2.1ms
HEURISTICpass4.3ms
BEHAVIORALflag8.7ms
PIIpass1.8ms
MEMORYthreat3.2ms
SCRIPTpass5.1ms
MITRE ATT&CKpass6.4ms
VERDICT: THREAT DETECTEDConfidence 94.2% · Total 31.6ms

Parallel layer dispatch

All seven layers run concurrently. SurrealDB correlates the results. Sub-50ms because nothing waits in line.

rustsrc/pipeline/dispatch.rs

Seven Tokio tasks run concurrently. SurrealDB correlates the results via graph traversal.

Bastion marketing site
Marketing site. Pricing gap and architecture up front.
Bastion documentation portal
Documentation portal — written for the IT admin who will deploy it.

Where it stands

Version 13. 60,000+ lines of Rust. Zero unsafe blocks.
Next: a managed pilot with a school district.

< 0.5%

CPU at idle

< 100MB

Memory

< 50ms

Pipeline response

$5–8

Per endpoint / mo