Token Security
Token Security accelerates secure enterprise adoption of Agentic AI by discovering, managing, and governing every AI agent and non-human identity across the organization. From continuous visibility to least-privilege enforcement and lifecycle management, Token Security provides complete control over AI and machine identities, eliminating blind spots, reducing risk, and ensuring compliance at scale.
Learn more
asqav
asqav is an AI governance and security platform designed to make AI agents audit-ready by providing real-time monitoring, enforcement, and verifiable proof of every action taken by an agent. It introduces a lightweight SDK that allows developers to integrate governance directly into their agents in just a few lines of code, enabling continuous oversight across the full lifecycle of AI operations. It includes behavioral monitoring to detect issues such as drift, rate limits, and scope violations, along with advanced threat detection that identifies prompt injections, exposure of sensitive data, toxic outputs, and other risks. It enforces policy through configurable “policy gates,” which apply per-agent rules, preflight checks, and dynamic approvals before actions are executed, ensuring that agents operate within defined boundaries. asqav also provides automated incident response capabilities, including the ability to suspend, quarantine, or escalate risky agents.
Learn more
Preloop
Preloop is the open source AI agent control plane for agents that take real actions. It combines an MCP firewall for tool access, an AI model gateway for cost, safety, and attribution, policy-as-code with human approvals, runtime session observability, and audit trails in a single self-hostable platform. AI agents can deploy code, change infrastructure, move money, touch production data, and burn model spend in seconds, so Preloop helps teams control what agents can do, how much they spend, and which actions require human approval. It works with OpenClaw, Hermes, Claude Code, Codex CLI, Cursor, Gemini CLI, Windsurf, Cline, OpenCode, and any MCP-compatible agent or managed runtime. Access rules can inspect arguments and context, not just tool names, with CEL expressions for fine-grained conditions. Teams can start with observability, then layer in approvals and deny rules without SDKs or invasive app changes.
Learn more
Golf
GolfMCP is an open source framework designed to streamline the creation and deployment of production-ready Model Context Protocol (MCP) servers, enabling organizations to build secure, scalable AI-agent infrastructure without worrying about boilerplate. It allows developers to define tools, prompts, and resources as simple Python files, after which Golf handles routing, authentication, telemetry, and observability, so you focus on logic, not plumbing. The platform supports enterprise authentication (JWT, OAuth Server, API key), automatic telemetry, and a file-based structure that eliminates decorators or manual schema wiring. With built-in utilities for LLM interactions, error logging, OpenTelemetry integration, and deployment tools (such as a CLI with golf init, golf build dev, golf run), Golf provides a full stack for agent-native services. Included also is the Golf Firewall, an enterprise-grade security layer for MCP servers that enforces token validation.
Learn more