Defakto
Defakto secures every automated interaction by issuing short-lived, verifiable identities to non-human actors such as services, pipelines, AI agents, and machines, eliminating static credentials, API keys, and standing privileges. Their unified non-human identity and access management solution enables discovery of unmanaged identities across cloud, on-premises, and hybrid environments, issuance of dynamic identities at runtime tied to policy, enforcement of least-privilege access, and full audit-ready logging. The product consists of modules; Ledger for continuous discovery and governance of non-human identities; Mint for automated issuance of purpose-bound, ephemeral identities; Ship for secretless CI/CD workflows where hard-coded credentials are removed; Trim for automatic right-sizing of access and removal of over-privileged service accounts; and Mind for securing AI agents and large-language models with the same identity model used for workloads.
Learn more
Preloop
Preloop is the open source AI agent control plane for agents that take real actions. It combines an MCP firewall for tool access, an AI model gateway for cost, safety, and attribution, policy-as-code with human approvals, runtime session observability, and audit trails in a single self-hostable platform. AI agents can deploy code, change infrastructure, move money, touch production data, and burn model spend in seconds, so Preloop helps teams control what agents can do, how much they spend, and which actions require human approval. It works with OpenClaw, Hermes, Claude Code, Codex CLI, Cursor, Gemini CLI, Windsurf, Cline, OpenCode, and any MCP-compatible agent or managed runtime. Access rules can inspect arguments and context, not just tool names, with CEL expressions for fine-grained conditions. Teams can start with observability, then layer in approvals and deny rules without SDKs or invasive app changes.
Learn more
Permiso
Permiso is an identity security platform that secures human, non-human, and AI identities across cloud, SaaS, and on-premises environments. The platform is built around its Universal Identity Graph, which connects identities to credentials, machines, agents, permissions, and runtime activity to provide continuous visibility across authentication boundaries. Permiso helps organizations discover identities, evaluate identity risk, detect threats, and defend against account compromise, insider threats, and attacks targeting AI agents and non-human identities. The platform combines identity discovery, posture management, runtime monitoring, threat detection, and response capabilities into a single identity security solution. It continuously analyzes identity behavior, permissions, tool calls, API activity, and machine interactions to identify suspicious activity before it becomes an incident.
Learn more
OpenBox
OpenBox is an enterprise-grade AI governance platform designed to make AI systems transparent, auditable, and safe to deploy at scale by enforcing real-time oversight across every agent action and system interaction. It provides a unified governance layer that connects identity, policy, risk, and compliance into a single runtime system, eliminating the fragmentation typically found across multiple tools and enabling organizations to standardize control over AI behavior. It integrates directly into existing AI workflows through a lightweight SDK, requiring no architectural changes, and immediately delivers full visibility into how AI agents operate, make decisions, and interact with other systems. OpenBox monitors and evaluates every action before execution, applying policy enforcement and regulatory checks in real time to prevent non-compliant or risky behavior rather than reacting after errors occur.
Learn more