Preloop
Preloop is the open source AI agent control plane for agents that take real actions. It combines an MCP firewall for tool access, an AI model gateway for cost, safety, and attribution, policy-as-code with human approvals, runtime session observability, and audit trails in a single self-hostable platform. AI agents can deploy code, change infrastructure, move money, touch production data, and burn model spend in seconds, so Preloop helps teams control what agents can do, how much they spend, and which actions require human approval. It works with OpenClaw, Hermes, Claude Code, Codex CLI, Cursor, Gemini CLI, Windsurf, Cline, OpenCode, and any MCP-compatible agent or managed runtime. Access rules can inspect arguments and context, not just tool names, with CEL expressions for fine-grained conditions. Teams can start with observability, then layer in approvals and deny rules without SDKs or invasive app changes.
Learn more
Token Security
Token Security accelerates secure enterprise adoption of Agentic AI by discovering, managing, and governing every AI agent and non-human identity across the organization. From continuous visibility to least-privilege enforcement and lifecycle management, Token Security provides complete control over AI and machine identities, eliminating blind spots, reducing risk, and ensuring compliance at scale.
Learn more
OpenBox
OpenBox is an enterprise-grade AI governance platform designed to make AI systems transparent, auditable, and safe to deploy at scale by enforcing real-time oversight across every agent action and system interaction. It provides a unified governance layer that connects identity, policy, risk, and compliance into a single runtime system, eliminating the fragmentation typically found across multiple tools and enabling organizations to standardize control over AI behavior. It integrates directly into existing AI workflows through a lightweight SDK, requiring no architectural changes, and immediately delivers full visibility into how AI agents operate, make decisions, and interact with other systems. OpenBox monitors and evaluates every action before execution, applying policy enforcement and regulatory checks in real time to prevent non-compliant or risky behavior rather than reacting after errors occur.
Learn more
Defakto
Defakto secures every automated interaction by issuing short-lived, verifiable identities to non-human actors such as services, pipelines, AI agents, and machines, eliminating static credentials, API keys, and standing privileges. Their unified non-human identity and access management solution enables discovery of unmanaged identities across cloud, on-premises, and hybrid environments, issuance of dynamic identities at runtime tied to policy, enforcement of least-privilege access, and full audit-ready logging. The product consists of modules; Ledger for continuous discovery and governance of non-human identities; Mint for automated issuance of purpose-bound, ephemeral identities; Ship for secretless CI/CD workflows where hard-coded credentials are removed; Trim for automatic right-sizing of access and removal of over-privileged service accounts; and Mind for securing AI agents and large-language models with the same identity model used for workloads.
Learn more
