Launching today

AxioRank

Launching today

The security gateway for AI agents | identity, policy, audit

6 followers

The security gateway for AI agents | identity, policy, audit

6 followers

Visit website

Most AI security tools just watch. AxioRank enforces. It sits between your AI agents and the tools, APIs, and data they touch, giving every action three things competitors don't combine: short-lived identity instead of static keys, default-deny policy you control, and a signed audit trail you can verify offline (no trust in us required). Open AGS-1 spec, drop-in gateway, works with any agent or MCP server.

Free Options

Launch tags:SaaS•Artificial Intelligence•GitHub

Launch Team / Built With

Spotlight by BackplanesMake every Claude Code & Codex session better than the last

Promoted

Maker

📌

Hey Product Hunt 👋 I built AxioRank after watching AI agents go from answering questions to actually doing things: calling tools, hitting internal APIs, querying databases, even spending money! The capability raced ahead, but the security model didn't. Most agents still authenticate with a long-lived API key, run with broad permissions, and leave behind a log you have to take on faith. Every other part of our stack solved this years ago. People get short-lived sessions and least privilege. Microservices get scoped identity and signed requests. Agents got none of it. So AxioRank puts a gateway in front of every agent action. Before a call reaches your MCP servers, APIs, or databases, the agent gets a short-lived identity, your default-deny policy decides if it's allowed, the risk is scored, and a signed audit trail is written in under 100ms. The part I'm proudest of: that audit trail is cryptographically signed and verifiable offline, so you never have to trust us that it's accurate. We published the whole model as an open spec (AGS-1) with a standalone verifier on npm. It started as monitoring. We learned fast that watching an agent misbehave after the fact isn't security. You have to enforce at the chokepoint, and the proof has to stand on its own. Would love your feedback, especially on what you'd want governed first. 🙏

Report

1d ago

Maker

PS: Are you a mid-sized company or an enterprise? I'd love to have you as my design partner!

Report

6h ago

Forum Threads

p/axiorank

•

1d ago

How are you actually securing your AI agents right now?

We're launching AxioRank tomorrow (the security gateway for AI agents), and before

we do I'm curious how this community is handling it today.

If you have agents calling tools, APIs, or databases: are they on static keys or

short-lived identity?
Do you enforce a policy on what they can do, or mostly log it

after the fact?
And could you prove to an auditor what an agent was allowed to do?

Genuinely want to hear what's working and what isn't.

p/axiorank

•

1d ago

Watching your AI agents isn't the same as securing them

Most AI security tools inspect prompts and flag bad content. Useful, but the agent

still authenticates with a static key and a log you have to trust.

Our take: security has to be enforced at the chokepoint, before the action reaches

your systems, with an identity per agent and an audit you can verify.
We're launching AxioRank tomorrow on this thesis. Curious whether you agree or push back.

p/axiorank

•

1d ago

We built an open standard for governing AI agent actions (AGS-1)

While building AxioRank we kept hitting the same gap: no agreed way to prove an AI agent's action stayed inside policy.

So we wrote one, AGS-1, with a verifier anyone can run offline. Launch is tomorrow. Happy to answer anything about the spec or why we went open.

View all