Docs · RosaryAV

How RosaryAV actually works.

You're trusting this software with deep access to your computer. The least we can do is tell you, in plain terms, what it touches and what it leaves completely alone.

We'll show our work

Most antivirus software asks for the keys to your whole machine and then goes quiet about what it does with them. We didn't want to build that. RosaryAV is privacy-first in a way we can actually point at, not just put on a banner.

We don't log your personal account information. There's no profile being quietly assembled in the background, no ad-partner telemetry riding along, and nothing about your activity getting shipped off somewhere. The page below walks through how the software behaves so you don't have to take that on faith.

Everything happens on your device

A scan starts and ends on the same machine. Here's the whole path, start to finish.

Your device — nothing leaves this box

01 / WATCH

It observes

RosaryAV watches how processes and files behave on your system as it happens, right where it's installed.

02 / SCORE

It reasons

Those signals run through the offline EDR engine. The model is already on your machine, so nothing needs to phone home.

03 / DECIDE

It flags

Anything suspicious is surfaced with the evidence behind it, so a decision never arrives without a reason.

04 / TELL YOU

It explains

You get a plain-language alert. The final call stays with you, on the device, every time.

No cloud upload. No file submission. No background telemetry. The arrow that usually points to a vendor's server simply isn't here.

Kernel access, on your terms

Not a fan of code with kernel access? That's fair. It's one of the real concerns with security software — a lot of vendors quietly run with what amounts to master access to your machine, and you never get a say.

So we gave you the switch. RosaryAV can run with its kernel-level events enabled, or you can turn them off and keep it strictly in user space. Kernel mode is more effective, and we'll be honest about that. But you paid for this product, and how it runs on your hardware should be your decision, not ours.

User-space mode (optional)

Flip the switch and RosaryAV stays entirely in user space. You trade some detection depth for a smaller footprint and zero kernel driver — your choice, made knowingly.

What RosaryAV never does

These aren't settings or premium toggles. They're lines the software doesn't cross.

No file write

It won't write to your files

RosaryAV doesn't write into any file that isn't part of our own product. Your documents, your other apps' data — untouched.

No memory write

It won't write into other processes

We never write into the memory of other running processes. RosaryAV stays inside its own boundaries and reads what it needs without reaching in.

No upload

It won't upload your data

No files, no personal data — nothing gets uploaded anywhere, at all. There is no collection endpoint on the other end because we didn't build one.

That second one is worth dwelling on. A known trick is for a vendor to inject a DLL into your running processes — setting up a little internal relay from the target process back to the vendor's own, fishing around for more information. Honestly? In my opinion it's an uncreative way to build security software. We don't do it, and we don't need to.

Modern by construction

RosaryAV is written in Rust. We went that route on purpose: it gives us fast, secure-by-default patterns, with whole categories of memory-safety bugs ruled out before the code ever ships.

Security tools have to be careful by nature. The language we build them in should hold us to that, not fight us on it.