AI agent control plane

Identity, permissions, and runtime controls for AI agents.

Securie starts where risk is already visible: AI coding agents with shell, file, Git, network, and secret access. AgentGuard wraps those sessions, blocks unsafe actions, isolates credentials, authorizes tools, redacts secrets, and leaves audit evidence security teams can trust.

Agent identity: agent, owner, task, session
Runtime policy: filesystem, command, Git, network
Credential broker: short-lived scoped access
Tool gateway: MCP authorization and audit

Available today

One command turns a coding agent into an accountable actor.

The open-source AgentGuard runtime gives teams an immediate control point around Claude Code, Codex, Cursor-style agents, Cline, OpenHands, and internal coding agents.

Blocks sensitive file reads and destructive commands
Redacts secret-like output before it lands in reports
Audits session logs and review-ready evidence

Why this exists

AI agents moved from chat to action. Security models did not.

Developer machines now host autonomous actors that can read repositories, run shells, call tools, browse, install packages, push branches, and interact with production-adjacent systems.

Secret exposure

Agents can read `.env`, tokens, SSH keys, and database URLs.

AgentGuard blocks sensitive file access at the runtime boundary and redacts secret-like output before it reaches terminals, reports, or audit trails.

Unsafe actions

Agents can run destructive terminal, cloud, database, or Git commands.

Runtime policy denies dangerous patterns, approval-gates sensitive changes, and records the decision before a risky action becomes an incident.

No accountability

Teams need to know which agent did what and why.

First-class agent identity turns invisible automation into attributable sessions with owners, permissions, policy decisions, and compliance evidence.

Runtime control layer

A runtime that turns agent actions into policy decisions.

The first protected path is concrete: block `.env` reads, block destructive commands, allow normal work, redact detected secrets, log file and network behavior, and render a session report.

agentguard session trace
$ agentguard run -- bash -c "cat .env && rm -rf /tmp/build"
deny    file_read     .env           policy=no_env_reads
deny    command_exec  rm -rf         policy=destructive_command
redact  stdout        AKIA...        marker=[REDACTED:aws-access-key]
report  session       ags_01...      markdown + json audit evidence
allow   file_read     src/main.rs    policy=normal_repo_read
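The protected path above, worked through as an added example. This is not AgentGuard's own code: the policy names and the `[REDACTED:aws-access-key]` marker are taken from the trace, while the `Action` and `Decision` types, the matching rules, the `.env.example` exemption and the replayed session are assumptions of this example. It shows the property that matters for an audit trail: each action is mapped to a decision and a named policy before the action runs.

```rust
// Added example, not AgentGuard's code: a deterministic policy step that turns agent
// actions into allow/deny/redact decisions. Policy names and the redaction marker follow
// the trace on this page; the types, matching rules and exemptions are assumptions.

#[derive(Debug, PartialEq)]
pub enum Action {
    FileRead(String),
    CommandExec(String),
    Stdout(String),
}

#[derive(Debug, PartialEq)]
pub enum Decision {
    Allow { policy: &'static str },
    Deny { policy: &'static str },
    Redact { output: String, markers: usize },
}

/// Secret-bearing files the runtime refuses to read; `.env.example` is a template, not a secret.
fn is_sensitive_file(path: &str) -> bool {
    let name = path.rsplit('/').next().unwrap_or(path);
    !name.ends_with(".example")
        && (name == ".env" || name.starts_with(".env.") || name == "id_rsa"
            || name == "id_ed25519" || name.ends_with(".pem"))
}

/// Destructive patterns: recursive or forced rm, and git force pushes.
fn is_destructive(argv: &[&str]) -> bool {
    match argv {
        ["rm", flags @ ..] => flags.iter().any(|a| a.starts_with('-') && (a.contains('r') || a.contains('f'))),
        ["git", "push", rest @ ..] => rest.iter().any(|a| *a == "--force" || *a == "-f"),
        _ => false,
    }
}

/// Split a shell line on common separators so `cat .env && rm -rf /tmp/build` is checked as two commands.
fn simple_commands(cmd: &str) -> Vec<String> {
    cmd.replace("&&", ";").replace("||", ";")
        .split(|c| c == ';' || c == '|')
        .map(|s| s.trim().to_string())
        .filter(|s| !s.is_empty())
        .collect()
}

/// Replace AWS access key IDs (`AKIA` + 16 uppercase alphanumerics) with the page's marker.
/// Hand-rolled scan so the example needs no regex crate; UTF-8 safe because it advances by char.
pub fn redact_secrets(text: &str) -> (String, usize) {
    const MARKER: &str = "[REDACTED:aws-access-key]";
    let bytes = text.as_bytes();
    let (mut out, mut hits, mut i) = (String::with_capacity(text.len()), 0, 0);
    while i < text.len() {
        let rest = &text[i..];
        if rest.starts_with("AKIA") && rest.len() >= 20
            && bytes[i + 4..i + 20].iter().all(|b| b.is_ascii_uppercase() || b.is_ascii_digit())
        {
            out.push_str(MARKER);
            hits += 1;
            i += 20;
        } else {
            let c = rest.chars().next().unwrap();
            out.push(c);
            i += c.len_utf8();
        }
    }
    (out, hits)
}

/// The decision is made before the action runs; the policy name is what the audit trail cites.
pub fn evaluate(action: &Action) -> Decision {
    match action {
        Action::FileRead(p) if is_sensitive_file(p) => Decision::Deny { policy: "no_env_reads" },
        Action::FileRead(_) => Decision::Allow { policy: "normal_repo_read" },
        Action::CommandExec(cmd) => {
            for simple in simple_commands(cmd) {
                let argv: Vec<&str> = simple.split_whitespace().collect();
                if argv.iter().skip(1).any(|a| is_sensitive_file(a)) {
                    return Decision::Deny { policy: "no_env_reads" }; // command-level read, e.g. `cat .env`
                }
                if is_destructive(&argv) {
                    return Decision::Deny { policy: "destructive_command" };
                }
            }
            Decision::Allow { policy: "normal_command" }
        }
        Action::Stdout(text) => match redact_secrets(text) {
            (_, 0) => Decision::Allow { policy: "clean_output" },
            (output, markers) => Decision::Redact { output, markers },
        },
    }
}

fn main() {
    // The session from the trace above, replayed as constructed input; the key is AWS's documented sample key.
    let session = [
        Action::FileRead(".env".into()),
        Action::CommandExec("cat .env && rm -rf /tmp/build".into()),
        Action::Stdout("AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE".into()),
        Action::FileRead("src/main.rs".into()),
    ];
    for action in &session {
        println!("{:?} -> {:?}", action, evaluate(action));
    }
}
```

The caveat a reviewer should raise: command-text matching of this kind is easy to sidestep (`cat .en?`, `base64 .env`, reading through an interpreter), which is why the page keeps the filesystem check at the runtime boundary separate from the command-level check. The file_read decision still fires when the command text looks harmless, and the audit line records which rule fired rather than a guess.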

Control plane

A control plane for agent actions.

A wrapper alone does not answer who the agent is, what it can access, which credential it can use, which tool it can call, which actions require approval, or what happened during the session. Securie is designed to make those decisions explicit, enforceable, and auditable.

| Layer | Job | How it grows |
| --- | --- | --- |
| Identity | Agent registry, owner mapping, session IDs, lifecycle, revocation. | Session identity now; team identity controls as you scale. |
| Runtime | Process wrapper, filesystem controls, command controls, network proxy, Git controls. | Coding-agent runtime now; broader agent controls as you scale. |
| Policy | Allow, deny, redact, require approval, alert, terminate, and explain decisions. | Local policy now; shared team policy as you scale. |
| Credentials | Replace inherited human secrets with short-lived scoped grants. | Local secret protection now; brokered credentials as you scale. |
| Tool gateway | Authenticate, authorize, redact, approval-gate, and audit MCP/tool calls. | Coding-agent hooks now; MCP and enterprise tool controls as you scale. |
| Audit | Append-only local evidence, PR reports, compliance trail, retention later. | Local reports now; centralized evidence as you scale. |

Starts with coding agents

From coding agents to every enterprise agent.

Coding agents are the first protected surface because the risk is concrete and the developer install path is fast. The same identity, policy, runtime, approval, and audit layer expands to every agent that can touch company systems.

Now: Coding agents
Claude Code, Codex, Cursor, Cline, OpenHands, Devin-style agents, internal repo agents.

Next: DevOps and CI/CD agents
Release automation, deployment bots, test-fix agents, package-publish agents, incident runbook agents.

Next: Cloud and database agents
AWS, GCP, Azure, Kubernetes, Supabase, Postgres, warehouse, and production-access workflows.

Platform: MCP and enterprise agents
Support, finance, sales ops, HR, security, browser, SaaS, and workflow agents with scoped permissions.

First risk: Secrets
Stop accidental `.env`, token, and key exposure.

Core binary: Rust
Single security-critical runtime.

First surface: CLI
Wrap AI coding agents locally.

Platform: Control
Identity, policy, approvals, audit.

Security guides

Evaluate AgentGuard against real agent risks.

Use these pages to review runtime enforcement, agent identity, approvals, audit logs, and compliance evidence before you deploy AI agents broadly.

AI coding agent runtime security: Secure runtime for AI coding agents
How AgentGuard is designed to watch files, commands, Git, network, secrets, and child processes.

Agent identity: First-class identity for autonomous agents
Why agent IDs, owners, session IDs, risk tiers, and revocation are becoming core security primitives.

Control plane: Identity, credentials, tools, policy, and audit
The enterprise control model for agents that can touch code, cloud, databases, SaaS, and MCP tools.

Policy engine: Deterministic policy for agent actions
Allow, deny, redact, approval-gate, alert, terminate, and log-only decisions for real agent behavior.

Audit and compliance: AI agent audit logs and PR reports
Evidence for security reviews, SOC 2 readiness, incident response, and enterprise questionnaires.

Threat model: What current protections cover, and what they do not
A practical threat model for honest but hallucinating agents, prompt injection, and future isolation tiers.

Checklist: AI coding agent security checklist
A buyer-ready checklist for secret blocking, runtime controls, approvals, audit logs, and revocation.

Claude Code security: Runtime guardrails for Claude Code
How teams should think about hooks, shell access, secrets, approvals, and audit logs around Claude Code.

Codex security: Secure OpenAI Codex agent workflows
Runtime controls for Codex-style coding agents that can inspect code, run commands, and modify repositories.

Cursor AI security: Protect repositories using Cursor-style agents
Guardrails for IDE-native coding assistants that can touch source code, secrets, terminals, and Git.

Questions buyers ask

What should security teams know?

The category, threat model, and runtime controls are explicit so security teams can pressure-test what matters before broad rollout.

Is Securie just a wrapper around coding agents?

No. The runtime is the first control point. Securie also tracks agent identity, scoped permissions, deterministic policy, data protection, approvals, audit logs, integrations, and revocation so teams can govern agent work end to end.

Can AgentGuard stop `.env` reads today?

Yes, on Linux, for the protected runtime path. AgentGuard also blocks obvious command-level secret reads (for example `cat .env`), redacts secret-like output, logs decisions, and supports Claude Code hooks.

Does this work beyond IDE coding agents?

Yes. Coding agents are the first protected surface because they already touch secrets, terminals, Git, and production-adjacent systems. The platform expands to CI/CD, cloud, database, MCP, support, finance, and internal enterprise agents.

Give AI agents identity, permissions, runtime controls, and evidence before they touch production.

Talk to Securie