Shadow Mode

Evaluate policies against actions without enforcing them. Test policy changes safely before deploying to production.

What is Shadow Mode?

Shadow Mode allows you to run FaraCore in a "dry-run" mode where policies are evaluated and decisions are recorded, but actions are not actually blocked or approved. This enables you to test policy changes and understand their impact before enforcing them.

Key Features

• Policy Testing - Test new policies against real traffic without affecting operations
• Impact Analysis - See how many actions would be affected by policy changes
• Comparison Mode - Compare planned policies against active policies
• Risk Assessment - Understand the risk profile of actions under new policies
• Historical Analysis - Replay historical actions through new policies

Use Cases

Policy Development

Develop and refine policies by testing them against real agent actions without disrupting workflows. See exactly how many actions would be affected and adjust policies accordingly.

Compliance Preparation

Prepare for compliance audits by testing policies that meet regulatory requirements and ensuring they don't break existing workflows.

Gradual Rollout

Gradually tighten security policies by first running them in shadow mode, analyzing the impact, and then enabling enforcement once confident.

Benefits

• Reduce risk when changing policies
• Understand policy impact before enforcement
• Test policies against historical data
• Build confidence in policy changes
• Prevent production incidents from policy mistakes

Note: This feature is not available in the open-source FaraCore. Shadow Mode is available in Faramesh Horizon and Nexus.