As per this Issue on Github:
I’ve created this thread here to ask, and such we can discuss, if there are any updates or formal timeline/release-schedule for memory introspection.
I personally think that a memory introspection VM template would add far more practical security to Qubes than any other measure I can think of (aside from those outside control of qubes, e.g. firmware etc).
For those who aren’t aware, memory introspection is essentially the IDS/IPS that actually works. It operates outside of the potentially infected VM, analysing OS calls to the hypervisor, hence can detect behaviour that shouldn’t be there that an infected OS would hide from inside the OS abstraction layer.
As bounties are a thing, what sort of bounty would get a working memory introspection VM which:
is user-friendly to configure isolation (simple cmdline or gui to set XSM policy limiting memory introspection VM to respective VM)
automatically works with existing qubes templates (without need for manually configuring loads of rules)
leverages disposable VMs