hoop.dev

hoop.dev is an infrastructure access gateway that governs engineer and AI agent access to production systems. It sits between users and production infrastructure, intercepting and controlling all sessions across multiple protocols with minimal added latency (<5ms per query). Core capabilities: - Data Masking: Masks PII, credentials, and financial data in real time before it reaches the user. Works across every protocol without requiring schema changes or application rewrites. - Guardrails: Blocks destructive commands (e.g., DROP TABLE, rm -rf, unauthorized deletes) before they execute. Operates at the gateway level as a preventive control. - AI Analysis: Automatically classifies every session by risk level and flags anomalous access patterns before they escalate into incidents. - Command Approval: Routes risky commands to designated approvers via Slack, Jira, or Microsoft Teams notifications. Enables approval workflows without requiring active dashboard monitoring. - Session Auditing: Logs every session with full attribution and timestamps. Generates immutable audit evidence automatically, supporting compliance frameworks including SOC 2, GDPR, and PCI DSS. - Compliance Dashboard: Provides a live compliance dashboard with access request history, approval records, and masked field logs, mapped to specific compliance controls. - AI Agent Governance: Governs access by AI agents to production databases and infrastructure, blocking unauthorized or destructive AI-initiated actions. hoop.dev is open source and is a CNCF member. It holds SOC 2 Type II certification. It is used across databases, Kubernetes clusters, containers, and AWS environments.