Radar
Community threat intelligence dashboard. See real-time anomaly trends, top attacked servers, and weekly digests across the Navil network.
Overview
Navil Radar aggregates anonymized threat data from all community nodes. It provides a public, real-time view of the threat landscape across MCP and CLI protocols — no authentication required.
Live Dashboard
The Radar dashboard shows:
- Machines protected across the network
- Events detected in the last 24h and 7d
- Event trend charts (7d and 30d views)
- Top anomaly types with severity breakdowns
- Top attacked MCP servers
Protocol Filtering
Filter the dashboard by protocol: All (combined view), MCP (Model Context Protocol events only), or CLI (command-line shim events only). This lets you focus on the attack surface relevant to your deployment.
Weekly Digest
The weekly digest provides a summary of the past 7 days: total events, week-over-week delta, severity distribution, daily activity breakdown, and top threats sorted by severity.
Contributing Data
Every Navil instance contributes anonymized threat data to the community pool by default. No personally identifiable information is shared — only anomaly types, severity levels, and tool names. You can opt out in settings.