Every layer of the engine.
IronWall stacks four independent detection methods, then locks anything it finds inside an encrypted vault that can't re-execute.
Real protection. No marketing fluff.
Every feature below runs locally. Your files never leave your device.
Daily-updated MalwareBazaar feed, hashed and indexed locally for instant lookup.
Pattern-based detection from Reversinglabs, signature-base, and the IronWall starter pack.
20-feature PE classifier (EMBER-style) catches threats no signature has seen yet.
Watches Downloads, Desktop, and other risky paths and scans new files the moment they land.
Folder-protection sliding-window detector flags mass-encryption behavior before it spreads.
Detected threats are sealed with AES-256-GCM. They can't re-execute and they can't escape.
Block known malicious domains and phishing hosts at the resolver level.
Inspects autoruns, scheduled tasks, services, and the running process tree, not just files.
The app in action
We're capturing fresh screenshots on a clean Windows 11 install. They land here when v0.1.0 ships.