About hoop.dev
Identity tools verify who connects. We govern what happens after the session begins. Every query inspected, every command evaluated, every response masked. At the protocol layer, at wire speed.
Why we built this
Every security stack we encountered solved the same problem: who gets in. Authentication, authorization, identity federation. But once the session opened, the controls stopped.
Engineers queried production databases and saw raw PII. AI agents ran kubectl commands at machine speed with no review. The data moved through the wire completely unprotected. We built Hoop to close that gap.
Engineering principles
Security that depends on application changes is security that gets skipped. The gateway sits at the wire protocol level. No SDKs to install, no code to change, no plugins to maintain. It just works with the tools your team already uses.
Logging a breach is not the same as preventing it. Hoop masks data before it reaches the client, blocks destructive commands before they execute, and gates risky actions before they run. The event never happens.
The code that touches your data should be code you can read. The gateway is MIT-licensed and open on GitHub. Inspect the protocol parsing. Audit the masking logic. Build plugins. No trust required.
Enterprise security tools that take months to deploy are enterprise security tools that sit on a backlog. Hoop deploys in a day. One gateway. No agents on endpoints. No schema discovery. No migration.
Transparency
The gateway that parses your wire protocols, inspects your queries, and masks your data is open source under the MIT license. We believe the code that touches your most sensitive data should be code you can read, audit, and contribute to.
We run Hoop on Hoop. Every session our own team executes goes through the same gateway, the same guardrails, the same audit trail. The product we sell is the product we depend on.
30-minute session with the engineering team. Bring your architecture diagram and your hard questions. No slides. No sales pitch.