Hoop is a wire-protocol gateway that sits between users (engineers, AI agents, service accounts) and critical infrastructure such as databases, Kubernetes clusters, SSH servers, and APIs. It enforces data security and access governance by masking PII, blocking dangerous commands, requiring approvals, and recording every session, without modifying applications or instrumenting the target systems. Built in Go and designed for zero-configuration deployment, it supports PostgreSQL, MySQL, MongoDB, gRPC, HTTP, RDP, and more.
Hoop integrates with OIDC/SAML identity providers such as Okta and Azure AD, and can be deployed via Docker, Kubernetes, or AWS. Its ML-powered data masking and protocol-aware guardrails support SOC 2, GDPR, and PCI DSS controls and replace much of the manual access-control and audit-evidence work those frameworks otherwise require.
What You Get
- ML-Powered Data Masking - Automatically detects and masks PII, PHI, payment card data, and credentials in database responses, API payloads, and terminal output using context-aware machine learning; no schema mapping or regex rules are required.
- Destructive Command Guardrails - Blocks dangerous operations such as DROP TABLE, DELETE without a WHERE clause, rm -rf, and kubectl delete namespace at the wire-protocol level, before they reach the target system.
- Slack/Teams Command Approval - Requires human approval via Slack or Microsoft Teams for high-risk actions; the operation is held until it is approved, denied, or deferred to a maintenance window.
- Full Session Recording & Replay - Captures every command, response, approval, and denial with full fidelity for compliance audits, incident investigation, and forensic review across all supported protocols.
- AI Agent Governance - Governs access for AI tools like Claude Code and Cursor by masking responses, blocking destructive writes, and logging all actions—enabling safe autonomous operations without exposing credentials.
- MCP Gateway with Sensitive Data Catalog - Inspects MCP payloads, auto-generates a real-time catalog of sensitive data from traffic, and applies masking and access controls to AI model interactions without code changes.
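The wire-level guardrail described above is easy to get wrong: a check that greps the raw statement for WHERE is fooled by a WHERE inside a string literal or a comment, and a check that looks only at the first statement is bypassed by a batch. The Go program below is an added example written for this page, not Hoop's own implementation. It tokenizes a SQL batch while skipping literals and comments, evaluates each statement, and returns allow, review (hold for approval) or block. The Decision type, the keyword rules, and the sample statements are assumptions constructed here.

```go
package main

import (
	"fmt"
	"strings"
)

type Decision int

const (
	Allow  Decision = iota
	Review          // hold the command and route it to a human approver
	Block           // reject it before it reaches the database
)

func (d Decision) String() string { return [...]string{"allow", "review", "block"}[d] }

// sqlTokens lowercases a SQL batch into tokens, skipping quoted literals and
// comments so a WHERE hidden in a string or a comment cannot make an unscoped
// DELETE look scoped. ';' is kept so every statement in a batch is inspected.
func sqlTokens(batch string) []string {
	var toks []string
	var cur strings.Builder
	flush := func() {
		if cur.Len() > 0 {
			toks = append(toks, strings.ToLower(cur.String()))
			cur.Reset()
		}
	}
	for i := 0; i < len(batch); i++ {
		c := batch[i]
		switch {
		case c == '\'' || c == '"': // quoted literal: skip to the closing quote
			flush()
			for i++; i < len(batch) && batch[i] != c; i++ {
			}
		case strings.HasPrefix(batch[i:], "--") || strings.HasPrefix(batch[i:], "/*"):
			flush()
			end, skip := "\n", 0 // "--" runs to end of line, "/*" to the next "*/"
			if c == '/' {
				end, skip = "*/", 2
			}
			if n := strings.Index(batch[i+2:], end); n < 0 {
				i = len(batch)
			} else {
				i += n + 1 + skip
			}
		case c == ';':
			flush()
			toks = append(toks, ";")
		case strings.IndexByte(" \t\r\n(),", c) >= 0:
			flush()
		default:
			cur.WriteByte(c)
		}
	}
	flush()
	return toks
}

// evalOne classifies one non-empty tokenized statement. A production guardrail
// would use a real SQL parser; these rules show the categories it must cover.
func evalOne(t []string) (Decision, string) {
	scoped := strings.Contains(" "+strings.Join(t, " ")+" ", " where ")
	switch t[0] {
	case "drop", "truncate":
		return Block, t[0] + " is schema-destroying"
	case "delete", "update":
		if !scoped {
			return Block, t[0] + " without WHERE"
		}
		return Review, "scoped " + t[0] + " needs approval"
	}
	return Allow, "read or non-destructive write"
}

// EvaluateSQL returns the most severe decision over every statement in a batch,
// so "SELECT 1; DROP TABLE users" is blocked even though it starts with SELECT.
func EvaluateSQL(batch string) (Decision, string) {
	worst, why := Allow, "empty batch"
	var stmt []string
	for _, x := range append(sqlTokens(batch), ";") {
		if x != ";" {
			stmt = append(stmt, x)
		} else if len(stmt) > 0 {
			if d, r := evalOne(stmt); d >= worst {
				worst, why = d, r
			}
			stmt = nil
		}
	}
	return worst, why
}

func main() { // constructed sample statements, not captured traffic
	for _, s := range []string{"DELETE FROM users WHERE id = 42", "DELETE FROM users -- WHERE id = 42", "SELECT 1; DROP TABLE users"} {
		d, why := EvaluateSQL(s)
		fmt.Printf("%-6s %-28s %s\n", d, why, s)
	}
}
```

The review verdict is the natural hand-off point to the approval flow: a scoped DELETE is held for a human rather than blocked outright, while an unscoped one never reaches the approver at all.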
Common Use Cases
- Securing AI agents in production - An engineering team uses Claude Code to fix bugs in a live database; Hoop masks customer PII in responses and blocks DELETE commands before they execute, preventing data leaks and outages.
- Compliance for SOC 2 and GDPR audits - A fintech company replaces manual audit prep with Hoop’s auto-generated session logs and masked access records, reducing audit preparation from weeks to zero engineering hours.
- Eliminating DBA toil from access requests - A SaaS company automates database access for 25 engineers; Hoop replaces 10-day manual provisioning with 34-second approvals, reclaiming 93.7% of DBA time.
- Governing Kubernetes and SSH access at scale - A cloud-native team deploys Hoop to control access to 5,000+ databases and Kubernetes clusters, blocking unauthorized kubectl delete commands and recording all terminal sessions for compliance.
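Session recording, as listed under What You Get and relied on in the audit use cases above, is only useful for forensics if the record can be shown to be complete and unmodified. The Go program below is an added example, not Hoop's own recording format: it models a session as a hash chain in which each event commits to its predecessor, so an edited or removed event breaks verification. It also shows the caveat a practitioner should know: a truncated tail still verifies on its own and is caught only when the log is compared with a head hash stored outside the log. The Event fields, the Recorder type, and the sample session are constructed assumptions.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// Event is one recorded step of a session: a command, a (masked) response,
// or an approval decision. Prev commits each event to the one before it.
type Event struct {
	Seq     int    `json:"seq"`
	Kind    string `json:"kind"` // "command", "response" or "approval"
	Actor   string `json:"actor"`
	Payload string `json:"payload"`
	Prev    string `json:"prev"`
	Hash    string `json:"hash"`
}

const genesis = "0000000000000000000000000000000000000000000000000000000000000000"

// hashEvent hashes the canonical JSON of the event with Hash cleared, so the
// digest covers sequence number, content and the previous hash.
func hashEvent(e Event) string {
	e.Hash = ""
	b, _ := json.Marshal(e) // only string and int fields; Marshal cannot fail
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:])
}

// Recorder is an append-only session log.
type Recorder struct{ Events []Event }

// Append records an event chained to the current head and returns it.
func (r *Recorder) Append(kind, actor, payload string) Event {
	e := Event{Seq: len(r.Events), Kind: kind, Actor: actor, Payload: payload, Prev: r.Head()}
	e.Hash = hashEvent(e)
	r.Events = append(r.Events, e)
	return e
}

// Head is the hash of the latest event; an auditor stores it out of band
// (a signed receipt, a notification, a separate store) at session end.
func (r *Recorder) Head() string {
	if len(r.Events) == 0 {
		return genesis
	}
	return r.Events[len(r.Events)-1].Hash
}

// Verify recomputes the chain. It catches a modified or removed event on its
// own; it only catches a truncated tail when compared with the stored head,
// which is why the head must live outside the log.
func Verify(events []Event, head string) error {
	prev := genesis
	for i, e := range events {
		if e.Seq != i || e.Prev != prev || hashEvent(e) != e.Hash {
			return fmt.Errorf("chain broken at seq %d", i)
		}
		prev = e.Hash
	}
	if prev != head {
		return fmt.Errorf("head mismatch: log ends at %.8s, expected %.8s", prev, head)
	}
	return nil
}

func main() {
	// Constructed session, not a captured one. Responses are stored masked.
	var r Recorder
	r.Append("command", "alice", "SELECT email, ssn FROM customers WHERE id = 7")
	r.Append("response", "gateway", "email=a***@example.com ssn=***-**-1234")
	r.Append("command", "alice", "DELETE FROM customers WHERE id = 7")
	r.Append("approval", "bob", "denied")
	head := r.Head()
	fmt.Println("intact:", Verify(r.Events, head))

	tampered := append([]Event(nil), r.Events...)
	tampered[3].Payload = "approved" // rewrite the denial
	fmt.Println("edited approval:", Verify(tampered, head))

	fmt.Println("dropped tail:", Verify(r.Events[:3], head))
}
```

Anchor the head somewhere the log writer cannot rewrite, for example in the approval message posted to Slack or Teams, so that the chat record and the session log vouch for each other.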
Under The Hood
Architecture
- Single Go binary that compiles gateway, agent, and client logic together; separation is by Go package rather than by service boundary, so there is no network-level modularity between the three roles
- No dependency-injection container; components are wired directly in code, and ldflags are used at build time for version stamping rather than for runtime configuration
- Directory structure follows a single-binary deployment model rather than a layered API/service/repository split
- Rust agent runs as a standalone binary coordinated through filesystem paths and environment variables, an ad-hoc IPC arrangement rather than a defined service interface
- swag (swaggo) generates the OpenAPI spec, but HTTP handlers and middleware are not cleanly separated
- Build system couples compilation, packaging, and binary embedding in one pipeline, which makes it fragile and hard to extend
Tech Stack
- Go as the primary language, compiled statically with CGO disabled for portability
- Rust agent cross-compiled for Linux and Darwin targets using Cargo and cross toolchains
- Docker-based deployment with minimal Ubuntu base image and tini as init process, bundling pre-built binaries
- Multi-platform build orchestration via Makefile, handling Go/Rust compilation, version stamping, and artifact packaging
- No database engine is bundled in the binary or container image; persistent state lives in external services (the development setup provisions a PostgreSQL instance)
- Custom tooling for dev environments, WASM-based RDP parsing, and automated release pipelines with artifact merging
Code Quality
- Extensive test coverage with unit and integration tests leveraging testify for mocking and assertions
- Clear domain separation through well-defined packages for secrets, runbooks, and guardrails
- Robust error handling with context-rich messages that surface root causes in validation and external failures
- Consistent naming, with explicit struct tags for JSON, BSON, and msgpack that pin wire-format field names so a Go rename cannot silently change a serialized format
- Linting plus input-validation tests, including XML escaping and malformed-payload handling
What Makes It Unique
- Native runbook automation with real-time command auditing and plugin lifecycle tracking for dynamic policy enforcement
- Event-driven analytics middleware that extracts and sanitizes API context without client-side instrumentation
- ClojureScript UI components built with Radix UI using functional composition for accessible, themable interfaces
- Unified gateway that correlates user actions, plugin behavior, and audit trails in a single request lifecycle
- Extensible rule engine for access control and runbook triggers using structured JSON schemas instead of custom DSLs