Cybersecurity · sub-niche
AI agent permissioning.
Who can run which agent? What can the agent see? The IAM layer for the agent era.
One-quarter build · Hot — multiple deals per month
Why now
Agents inherit user permissions implicitly. Audit teams are starting to ask for explicit policy boundaries.
What the signal looks like
Repos with policy DSLs, OAuth / OIDC adapters for agents, and MCP-aware permission frameworks.
Public examples
We name public projects + categories only — never founders we track inside the paid product. The buyer’s edge stays inside the product.
- Cerbos / OPA-style policy engines
- MCP-aware permission frameworks
- Open-source agent IAM
What this displaces
A wide-open API key with no policy boundary.
Our build-vs-invest call
New category. Real demand at AI-mature enterprises. Build only with prior IAM or policy-engine background.
Common questions about this niche
- Is this a feature of identity providers?
  - Eventually. The wedge is 18-24 months.
- Buyer?
  - CISO + AI platform team.
- Defensibility?
  - Policy DSL + agent integration ecosystem.
More inside Cybersecurity
- LLM firewall tooling — WAF for AI agents — prompt injection blocking, output sanitization, policy enforcement at the API boundary.
- Supply chain attack detectors — Catch malicious npm / PyPI packages before they land in production.
- Secret rotation automation — Secrets that rotate themselves — across HashiCorp Vault, AWS Secrets Manager, GitHub, and your CI.
- OSS vulnerability graphs — The dependency graph for open source vulnerabilities, indexed for AI agents and humans.