The extension mechanism is basically the one that Seth introduced with his intel extensions. The main difference lies in using a hook instead of an event. An example policy implements whitelisting.
