SolonGate: a bouncer that reads what your agent is about to do
As agents get more autonomous, the scary moment isn't the model thinking, it's the model acting, the tool call that deletes a file, hits an API, or runs a shell command. SolonGate is a security gateway built for exactly that moment. It sits as a zero-trust proxy in front of your MCP servers, reads the actual tool-call payload, and denies anything your policy forbids in milliseconds, before it executes.
The approach is the right altitude. A lot of agent security is about identity, who is this agent, what is it allowed to be. SolonGate works one level down, on what is this specific call actually trying to do right now, with policy rules over file access, network requests, and system commands. Every call gets a tamper-evident log with the allow or deny decision and the arguments, so you get an audit trail instead of a black box.
It can run air-gapped or on-prem, and works with Claude Code, Gemini CLI, and OpenClaw. Right now it's at the design-partner stage with enterprise clients rather than a wide-open launch, so treat it as early, but the shape is clearly aimed at production deployments where someone actually has to sign off on what the agents can touch.
This fits a thread that's been building all month. NewCore raised to govern agent identity, Agent Browser Shield filtered the page before the agent saw it, and the Bunq and Miasma incidents showed the agent itself becoming the attack surface. The control plane for autonomous agents is forming in real time, and intercepting the payload, not just the identity, is the layer that was missing. Details at https://solongate.com.
← Back to all articles
The approach is the right altitude. A lot of agent security is about identity, who is this agent, what is it allowed to be. SolonGate works one level down, on what is this specific call actually trying to do right now, with policy rules over file access, network requests, and system commands. Every call gets a tamper-evident log with the allow or deny decision and the arguments, so you get an audit trail instead of a black box.
It can run air-gapped or on-prem, and works with Claude Code, Gemini CLI, and OpenClaw. Right now it's at the design-partner stage with enterprise clients rather than a wide-open launch, so treat it as early, but the shape is clearly aimed at production deployments where someone actually has to sign off on what the agents can touch.
This fits a thread that's been building all month. NewCore raised to govern agent identity, Agent Browser Shield filtered the page before the agent saw it, and the Bunq and Miasma incidents showed the agent itself becoming the attack surface. The control plane for autonomous agents is forming in real time, and intercepting the payload, not just the identity, is the layer that was missing. Details at https://solongate.com.
Comments