Code of Ethics
This page outlines principles for how CustosEye is intended to be used. These principles reflect our commitment to transparency, privacy, security, and responsible use.
Transparency About Data Usage
CustosEye is designed to be transparent about what data it collects and how it uses that data.
The software monitors processes (including executable paths, hashes, code signatures, parent relationships,
memory usage, command lines), network activity (listening ports and active connections), and file integrity
(for files you choose to monitor). All of this data stays on your machine in the data/ directory.
Nothing is sent to external servers or cloud services. The dashboard serves only on localhost.
For details on what data is collected and how it's processed, see our Methodology page.
Respect for User Privacy and Consent
CustosEye runs entirely locally on your machine. You control what gets monitored, you choose which files to watch for integrity changes, and you can stop monitoring at any time by closing the application. The software doesn't require internet access for core features, and it doesn't collect or transmit personal information. The dashboard requires authentication (login with optional 2FA) to access, and session secrets are auto-generated per installation.
For information about how this website handles privacy and consent, see our Privacy Policy and Cookie Settings page.
Security and Safe Handling of Data
CustosEye is designed with security in mind. All data collected by the software stays on your
machine and is stored in local files in the data/ directory.
The web dashboard runs locally on your computer at http://127.0.0.1:8765/
and doesn't expose data to external networks. Authentication is required to access the dashboard,
with optional 2FA support for additional security.
File integrity monitoring supports SHA-256 hashing (for exact change detection) or mtime+size tracking (for lighter monitoring). SHA-256 provides strong cryptographic guarantees. The software stores configuration files (rules, trust weights, integrity targets, trust database, etc.) in a local data directory that you control. Exports are manual and local only, no automatic data transmission.
Avoiding Manipulative or Misleading Behavior
CustosEye is designed to be honest about what it does and what it doesn't do. The trust scoring engine (CSC v2) provides categorical verdicts (trusted, caution, suspicious, malicious, unknown) with confidence scores and human-readable reasons, so you can understand why a process was classified a certain way. The dashboard shows trust verdicts, process classes, and detailed event information with clear severity levels (Info, Warning, Critical) assigned by the rules engine.
The software doesn't use fear-based messaging or false positives to encourage upgrades or subscriptions. It's a monitoring tool that presents information clearly through real-time event feeds, process trees, and integrity monitoring, letting you make your own decisions. All features are available without any premium tiers or paywalls.
Responsible Use and Clear Disclosure of Limitations
CustosEye is a monitoring tool, not an active security product. It reports what it sees but doesn't block or quarantine processes. The trust scoring engine (CSC v2) uses heuristics and local prevalence, not behavioral analysis or machine learning, so it might miss sophisticated threats that don't match known patterns.
Important limitations to be aware of:
- CustosEye doesn't use threat intelligence feeds or cloud-based reputation services, trust scores are based entirely on local signals and your system's history
- The software may be less accurate on a fresh system or when new software is first installed, as the prevalence database builds over time
- File integrity monitoring in "mtime+size" mode is faster but less secure than SHA-256 hashing, it might miss changes that don't affect file size or modification time
- The software is currently designed for Windows 10 or 11 systems
- No real-time blocking, CustosEye monitors and reports but doesn't take automatic action
For more details on limitations and assumptions, see our Methodology page.
Open Source and Community
CustosEye is open source software. The source code is available for review, and you can verify that the software does what it claims to do. This transparency is a core part of our commitment to trust and security.
If you find issues or have concerns about how CustosEye works, you can review the code, report problems, or contribute improvements. For licensing information, see our License page.
User Responsibility
CustosEye is a tool that provides visibility into your system, but it's your responsibility to interpret the information and take appropriate action. The software doesn't make decisions for you; it presents data and trust scores to help you understand what's happening on your system.
Use CustosEye responsibly and in accordance with applicable laws and regulations. The software is intended for monitoring your own systems or systems you have explicit permission to monitor.