All posts
June 22, 20263 min read

Keeping Planner-Executor Agents SOC 2-Compliant

Why SOC 2 evidence matters for automated agents Auditors expect concrete proof that every automated action can be traced to an authorized identity, that sensitive data never leaves the system unchecked, and that any deviation from policy is recorded and reviewed. For planner‑executor agents, this means producing detailed logs of each run, capturing the exact command set, and showing who or what triggered the execution. When the evidence is complete, the audit report simply confirms that the org

Free White Paper

SOC 2 Type I & Type II: The Complete Guide

Architecture patterns, implementation strategies, and security best practices. Delivered to your inbox.

Free. No spam. Unsubscribe anytime.
Coleman Nye

Why SOC 2 evidence matters for automated agents

Auditors expect concrete proof that every automated action can be traced to an authorized identity, that sensitive data never leaves the system unchecked, and that any deviation from policy is recorded and reviewed. For planner‑executor agents, this means producing detailed logs of each run, capturing the exact command set, and showing who or what triggered the execution. When the evidence is complete, the audit report simply confirms that the organization’s controls are operating as designed, and the SOC 2 audit can be closed without supplemental questionnaires.

Current practice and its gaps

In many teams, planner‑executor agents are deployed with long‑lived service accounts that hold static credentials. The agents connect directly to databases, message queues, or internal APIs, and the surrounding code rarely asks for a fresh token or an approval before each run. Because the connection bypasses any gateway, there is no central point that can inspect the payload, mask credit‑card numbers, or stop a destructive command. The result is a black box: the auditor sees a list of successful runs but no granular view of who initiated them, what data was returned, or whether any policy was violated.

What a compliant control model requires

To satisfy SOC 2, the control model must introduce three distinct layers. First, a setup layer that issues short‑lived identities to the planner‑executor process based on OIDC or SAML assertions. Second, a data‑path layer that sits between the agent and the target system, capable of enforcing policies on every request. Third, enforcement outcomes – session recordings, inline masking, just‑in‑time approvals, and command‑level audit – that are generated only because the data‑path layer can observe and intervene in the traffic.

The setup layer alone is insufficient; it merely tells the system who is trying to act. Without a gateway that can actually inspect the request, the organization cannot prove that the request was authorized, nor can it guarantee that sensitive fields were protected. The data‑path must be the only place where enforcement occurs, and the evidence it produces becomes the artifact handed to the auditor.

Introducing hoop.dev as the data‑path gateway

hoop.dev fulfills the data‑path requirement by acting as an identity‑aware proxy for planner‑executor agents. The gateway runs a lightweight agent inside the same network segment as the target resources and intercepts every wire‑protocol interaction. Because hoop.dev is the sole conduit, it can apply real‑time guardrails, record the full session, and enforce just‑in‑time approvals before any command reaches the backend.

Continue reading? Get the full guide.

SOC 2 Type I & Type II: Architecture Patterns & Best Practices

Free. No spam. Unsubscribe anytime.

How hoop.dev generates SOC 2 evidence

  • hoop.dev records each planner‑executor session, capturing timestamps, user identity, and the exact request/response payload.
  • It masks sensitive fields, such as SSNs, credit‑card numbers, or API keys, in real time, ensuring that logs never contain raw secrets.
  • Before a high‑risk operation (for example, a bulk delete or a schema change) is executed, hoop.dev routes the request to a human approver and stores the approval decision alongside the session record.
  • Commands that violate policy are blocked at the gateway, and the block event is logged with the reason and the originating identity.
  • All artifacts are retained in a secure audit log that the organization can query for SOC 2 reporting, providing a definitive record of every identity, action, and timestamp.

Because hoop.dev is the only component that can see the traffic, every enforcement outcome exists solely because the gateway is in place. Removing hoop.dev would revert the system to the original black‑box state, eliminating the audit trail, masking, and approval records.

Getting started with hoop.dev

Deploy the gateway using the Docker Compose quick‑start, configure OIDC authentication, and register your planner‑executor as a connection. Detailed steps are available in the getting‑started guide. For deeper insight into masking policies, approval workflows, and session replay, explore the learn section of the documentation.

FAQ

Q: Does hoop.dev replace existing service‑account credentials?
A: No. hoop.dev stores the credential used to reach the target, but the planner‑executor never sees it. The gateway presents the credential on behalf of the agent.

Q: Can I use hoop.dev with any OIDC provider?
A: Yes. hoop.dev acts as a relying party and validates tokens from any compliant IdP, such as Okta, Azure AD, or Google Workspace.

Q: How long are the session logs retained?
A: Retention is configurable; logs are kept for the duration defined by your SOC 2 policy.

Ready to see the code in action? Explore the open‑source repository on GitHub and start building a SOC 2‑ready pipeline for your planner‑executor agents.

Open source

Save the open-source gateway for agent data access

Hoop is MIT-licensed infrastructure for controlling how AI agents reach production data. Star hoophq/hoop so you can inspect it, deploy it, or share it when your team starts governing agent access.

Star and save the repo →More posts
Ask AI about this topic
ClaudeChatGPTGrokGeminiPerplexityCopilot