DATA SECURITY IN TRANSIT

Your most sensitive data is in transit right now. Can you see it?

Hoop sits between your engineers, AI agents, and infrastructure. Every query, every command, every session passes through one gateway, where you can mask sensitive data, block dangerous operations, and approve risky actions before they execute.

5,000+ databases protected in a single deployment
<5ms added latency per query
CNCF member · open source core


THE BLIND SPOT

You protect data at rest. Data in motion is your blind spot.

Queries, commands, and pipelines move sensitive data across your infrastructure every second. Most security tools can’t see any of it.

NATIVE CLIENT SUPPORT

Your tools. Your workflow. The gateway is invisible.

DBeaver, DataGrip, psql, kubectl, Lens, SSH. Your team keeps using the tools they already know. The data arrives already masked. No plugins, no browser extensions, no proprietary UI.

DBeaver: customers @ prod-db
name | email | ssn | phone
Sarah Chen | sarah.chen@acme.io | 284-19-7653 | +1 415-892-3041
Marcus Webb | m.webb@globex.com | 531-77-0294 | +1 212-555-8817
Elena Ruiz | eruiz@initech.co | 719-42-8106 | +44 20-7946-0958
James Okafor | j.okafor@stark.dev | 603-88-1542 | +1 650-331-7720
4 rows returned · masked by hoop gateway
Terminal: psql
prod-db=> SELECT name, email, ssn FROM customers LIMIT 3;
name | email | ssn
-------------+----------------------+-------------
Sarah Chen | sarah.chen@acme.io | 284-19-7653
Marcus Webb | m.webb@globex.com | 531-77-0294
Elena Ruiz | eruiz@initech.co | 719-42-8106
(3 rows) · masking: active
Lens: Pod Logs
[INFO] User login: sarah@acme.io from 192.168.1.42
[INFO] Payment processed: card 4532-XXXX-XXXX-7821 amount $142.50
[WARN] Failed auth: m.webb@globex.com · 10.0.3.88
streaming · 3 fields masked
Terminal: ssh prod-server
$ cat /var/log/app/users.csv
id,name,email,ssn
1,Sarah Chen,sarah.chen@acme.io,284-19-7653
2,Marcus Webb,m.webb@globex.com,531-77-0294
3,Elena Ruiz,eruiz@initech.co,719-42-8106
file output · 9 fields masked

HOW IT WORKS

One gateway. Every protocol. Real-time control.

One gateway parses every wire protocol in real time. Four capabilities no other tool provides.

Data Masking

Identify and redact sensitive data in transit before it reaches the client. PII, PHI, financial data, credentials. One rule covers thousands of resources. No schema required.

Guardrails

Define dangerous operations and block them before they execute. DROP TABLE, rm -rf, unauthorized deletes. Prevention, not detection.

AI Analysis

Real-time analysis of session content. Classify risk levels, detect anomalies, flag unusual access patterns. Your security team sees what is actually happening in transit.

Runbooks

Automated response workflows triggered by session events. Escalate, notify, remediate. Connect Hoop to Slack, PagerDuty, Jira, or any webhook.


LAYERED ACCESS CONTROL

Seven layers between your data and exposure.

Every access level adds controls. From automatic masking on read, to runbook-only mode where no human touches production directly.

Active controls
AI Data Masking: Automatic
Just-in-time sessions: Time-bound
Peer approval: Required
Written justification: Mandatory
Leader / DBA approval: Multi-step
Query guardrails: Active
AI session analysis: Scanning
Runbook-only mode: Enforced

Read + Masking: Sensitive fields hidden. No approval needed.
Read Unmasked: Raw data, peer approval, time-bounded.
Sensitive Read: Justification + full audit trail.
Standard Write: Leader approval, guardrails active.
Sensitive Write: AI risk analysis on every query.
Structural Change: Only pre-approved CI/CD actions.
Runbook Only: No manual sessions. Automation only.
CRITICAL DATA

AI ACCESS GOVERNANCE

AI agents inherit your engineers’ access. They shouldn’t inherit the risk.

Agents connect to production with broad human credentials. Hoop applies real-time controls, routing risky actions for human approval via Slack or Teams, one command at a time.

$ claude "payments returning 503s, diagnose"
⟡ Connecting via Hoop read-only profile...
⬡ hoop | profile: readonly-prod | cluster: prod-us-east
⬡ hoop | kubectl get pods -n payments
⟡ Found 3/5 pods in CrashLoopBackOff
⟡ Root cause: OOMKilled, memory limit 256Mi
⟡ Proposed fix: kubectl set resources deploy/payments --limits=memory=512Mi
⬡ hoop | Write command detected. Routing...
⬡ Revised: rollback to stable image kubectl set image deploy/payments payments=payments:v2.3.1
⬡ hoop | Approved. Deploying...
deployment.apps/payments updated to v2.3.1
⟡ Rollout complete. 5/5 pods running.
⬡ hoop | Audit: 4 cmds, 1 rejected, 1 approved
⬡ hoop | Replay: app.hoop.dev/sessions/7f3a91c2
Agent approval flow
Hoop access request
from claude-agent via #infra-approvals
Pending
Command
kubectl set resources deploy/payments --limits=memory=512Mi --requests=memory=256Mi
prod-us-east · namespace: payments
Agent reasoning
3/5 pods OOMKilled at 256Mi. Increasing memory limit to 512Mi to restore service.
Approve
Reject

MEASURE WHAT MATTERS

Give your risk team numbers they’ve never had.

Every session flows through the gateway. For the first time, you can measure and report on data-in-transit risk. The metrics your CISO and board actually care about.

ARCHITECTURE

Deploy in your network. Connect your IdP. Define your rules.

Protocols supported: PostgreSQL, MySQL, MSSQL, MongoDB, Kubernetes, SSH, HTTP/gRPC, RDP, and more.

01 Deploy the gateway

Deploy Hoop in your cloud (AWS, GCP, Azure, on-prem). One deployment covers all protocols. No schema discovery. No agents on endpoints.

02 Connect your identity provider

Connect via OIDC. Every session is authenticated with short-lived tokens. No standing credentials, no static certificates.

03 Define your policies

Mask PII in database responses. Block destructive commands. Require approval for production writes. Rules apply instantly across all connected resources.

postgres
$ hoop connect postgres:prod
Connected to postgres:prod
Session sess_01jkx7r2nb4f
Identity alice@corp.com
Auth OIDC · token expires in 8h

BUILT FOR

Organizations where data in motion is the business.

Hoop is most valuable where sensitive data flows constantly and the cost of a breach, a leak, or a bad command is existential.

Financial services moving money, trades, and client data across systems every second
Healthcare organizations handling PHI across distributed infrastructure
Public companies with SOX, SOC2, and audit requirements they cannot afford to fail
Any organization deploying AI agents against production infrastructure

ENTERPRISE READY

SOC 2 Type II. Self-hosted. Air-gapped. Production-proven.

Hoop runs entirely inside your infrastructure. The AI models that power data masking, session analysis, and risk classification deploy on your hardware. No data leaves your network. No third-party AI services. No external dependencies to approve with security, legal, or procurement.

Multiple companies listed on the New York Stock Exchange run Hoop in production today. The platform has passed critical security validations, annual penetration tests, and enterprise vendor assessments. We run Hoop on Hoop: every session our own team executes goes through the same gateway, the same guardrails, the same audit trail.

Certified

SOC 2 Type II, GDPR compliant, Annual pen-tests, CNCF member, Open-source core

Generates evidence for

HIPAA, PCI-DSS, SOX, NIST 800-53, ISO 27001, FedRAMP, HITRUST, CCPA, LGPD, GLBA, FISMA, NERC CIP

Deployment

100% self-hosted

Gateway, control plane, and AI models on your infrastructure

Air-gapped compatible

Zero external calls. Runs in classified and restricted environments

On-prem and bare metal

Not cloud-specific. Kubernetes, Docker, VMs, or bare metal

Self-hosted AI models

One-click deploy. No third-party AI APIs. No data exfiltration risk

Trusted by NYSE-listed companies in production. We run Hoop on Hoop.

DATA VISIBILITY

See every sensitive data flow across your infrastructure.

For the first time, your security team has a real-time map of what sensitive data is actually moving between systems. PII, PHI, PCI, credentials. Classified continuously, not discovered after a breach.

PostgreSQL Prod: 12,847 PII
MySQL Analytics: 4,291 SSN
Kubernetes Cluster: 8,102 PCI
SSH Servers: 2,519 PHI
gRPC Services: 6,730 PII
Hoop Gateway
Engineering Team, AI Agents, CI/CD Pipeline, Third-party SaaS

DATA CLASSIFICATION

You didn’t know this data was moving. Now you do.

The gateway classifies every field that flows through it. Emails, SSNs, credit cards, API keys, medical records. Continuous discovery across every protocol, every connection, every session.


EGRESS PROTECTION

Sensitive data stops at the boundary. Masked or blocked. Every time.

Every query response, every API call, every file transfer that crosses from your private network to external systems passes through the gateway first. What leaves your network is what you decide leaves your network.

Private Network
prod-db (PostgreSQL)
analytics-db (MySQL)
user-service (gRPC)
infra-cluster (Kubernetes)
hoop: inspect, mask, log
External
Developer Laptops
Claude Code / AI Agents
Third-party SaaS
CI/CD Pipeline
14,287 sensitive fields masked | 845 blocked at boundary | 100% logged

INCIDENTS PREVENTED

Every blocked command is an outage that never happened.

DROP TABLE blocked. Unmasked SSNs stopped before the API response. AI agent DELETE rejected in 28 seconds. Your CISO sees the near-misses quantified in dollars and hours — not buried in logs.

Incidents Prevented · This Quarter
$0 exposure avoided
CRITICAL
DROP TABLE users blocked
Est. 3h downtime prevented
$180K saved
14:32 UTC
HIGH
Unmasked SSNs in API response stopped
2,847 records protected
$2.4M exposure avoided
14:28 UTC
MEDIUM
AI agent attempted prod DELETE
Rejected by @sarah.chen in 28s
Escalation prevented
14:15 UTC
HIGH
PCI card data in Claude Code context
Masked before model ingestion
Compliance maintained
13:58 UTC
CRITICAL
kubectl delete namespace prod
Blocked by guardrail
Full cluster outage prevented
13:41 UTC

APPROVAL WORKFLOW ROI

920 hours returned to engineering. Every month.

Manual access approval takes 47 minutes on average. Hoop takes 34 seconds. At 1,200 cycles per month, that’s 920 hours your engineering team gets back. Approval that’s faster, auditable, and policy-driven.

Approval Workflow ROI · Last 30 days
Manual Process
Engineer requests access: 0:00
Slack message to manager...
Manager sees notification: +12 min
Escalation to security team: +28 min
Manual review & approval: +47 min
With Hoop
Command detected by gateway: 0:00
Slack notification sent: +2s
Context + risk level shown: +3s
One-click approve/reject: +34s
1,200 approval cycles × 46 min saved = 920 hours returned to engineering

ENTERPRISE OUTCOMES

What your leadership sees after deployment.

Continuous compliance posture. Risk reduction at scale. Evidence your auditors actually accept. The numbers your board cares about.

Compliance Report
Before | With Hoop
0 / 100
GAPS DETECTED
Identity: 3/4
Audit Trail: 3/6
Access Control: 2/6
Data Protection: 2/6
Monitoring: 3/5
SOC 2 | GDPR | PCI DSS | HIPAA
CC6.1 | Logical Access Security | Access Control
CC6.3 | Data-in-Transit Encryption | Data Protection
CC6.6 | Session-Level Access Controls | Access Control
CC6.7 | Data Masking & Redaction | Data Protection
CC7.2 | Anomaly Detection & Monitoring | Monitoring
CC8.1 | Audit Trail & Evidence | Audit Trail
Organizational Impact
Last 30 days
0 PII Fields Masked
0 Destructive Commands Blocked
0 Sessions Audited
0% Compliance Score
Risk Reduction
PII Exposure: 87%
Unaudited Sessions: 64%
Ungoverned AI Access: 92%
Compliance Gaps: 48%
Compliance Trend (Sep to Mar), 90% target

Your data is in transit right now. Unprotected.

We’ll connect to your environment and surface risks your current tools can’t see. No commitment. Just visibility.
