Oso

Agent security and authorisation platform that provides visibility and controls for AI coding agents. Three-phase approach: Scope (map permission posture, identify over-privileged identities, recommend what to reduce before agents inherit them), Monitor (real-time visibility into agent actions with risk-classified alerts), and Enforce (policy-driven controls that block unsafe agent behaviour). Maintains a Rogue Agents Registry documenting real-world AI agent incidents. Customers include Verizon, Visa, Duolingo, Wayfair, Webflow, PagerDuty, Brex, Intercom, and Honeycomb. Research shows employees ignore 96% of their permissions — agents won't.

Addresses the fundamental problem that AI agents inherit human permissions but use all of them, unlike humans who self-limit. Maps the permission posture across the organisation, classifies risk, and recommends scoping down before agents are deployed. Runtime monitoring detects anomalous agent behaviour and policy violations. The authorisation engine integrates with existing identity providers to enforce least-privilege dynamically.

Use when rolling out coding agents (Cursor, Claude Code, Copilot) and need to answer: what can these agents access, and should they? Particularly valuable for organisations where developers have accumulated broad permissions over time. Enterprise platform — customers include multiple Fortune 500 companies.

Risks addressed — mapped to both OWASP Top 10 standards. 1 in LLM, 4 in Agentic.

What Yuntona stores. Single source of truth — fork it on GitHub.

name: Oso
slug: oso
type: Mixed
category: Identity & AppSec
url: https://osohq.com

reviewed:   2026-04
added:      2026-04
updated:    2026-04

risks:
  llm:  [LLM06]
  asi:  [ASI01, ASI02, ASI04, ASI08]

complexity:    Plug & Play
pricing:       —
audience:      AppSec · CISO
lifecycle:     [deploy]

tags: [Agent Security, Authorization, Commercial, Least Privilege, Observability]