ClearVector Sensor is a runtime detection and response agent designed for cloud and container workloads. The sensor attributes activity to originating identities when operations occur inside container technologies including Docker, containerd, and Kubernetes, as well as cloud-native services such as ECS, EKS, and GKE, or on bare-metal nodes like EC2 and GCE. The sensor is built using Rust and eBPF technology, designed for production environments with resource consumption typically under 1% CPU, less than 50 MB of RAM, less than 50 MB on disk, and less than 5 MB of network traffic during updates. It supports both AMD64 and ARM64 architectures and operates on various operating systems including Bottlerocket and Amazon Linux. When deployed, the sensor adds runtime activity data about how identities operate inside workloads to ClearVector's identity models and sends notifications when risky activity is detected. The sensor provides interactive command attribution, tracing every interactively typed command back to its source, whether it originated from SSH, SSM, ECS exec, or other interactive environments. Deployment options include manual installation on images, using a minimal Chainguard-derived image, or deploying as an ECS daemon service.