📍

Matt & Simon are in San Francisco 23 March – 1 April for RSAC and customer meetings. Connect on LinkedIn or email hello@prefactor.tech to meet while they’re in town.

Now in early access

Enterprise AI Agents are live.
The governance isn’t.

AI agents are accessing PII, financial data, and customer records — across every team, every framework, with zero oversight.

Prefactor gives enterprises visibility into what’s happening and the runtime controls to do something about it.

Book a demo →Read the docs
Prefactor — Agent Identity Hub
24
Agents
47
Instances
18
Services
12%
Human Intervene
4
High Risk
$2.4k
Spend / mo
Low Risk Claims Processor
Internal data only — no PII detected
Scoped write access to insurance/claims
1,247 actions today · 0 violations
Claims ProcessorLow
LangChain · Healthy
$330/mo
Low Risk Code Review
Public repositories only — no secrets
Read-only access to frontend codebase
89 PRs reviewed · 0 violations
Code ReviewLow
Vercel AI · Healthy
$160/mo
Medium Risk Financial Analysis
Accesses SAP GL — financial data
Confidential scope · requires approval
2 rate-limit violations this week
Financial AnalysisMed
Claude · Review
$150/mo
High Risk Marketing Content
PII detected: customer names, emails
Attempted upload to pastebin.com
BLOCKED — escalated to security team
Marketing ContentHigh
OpenClaw · Blocked
$90/mo

Track agents from every framework

Claude Vercel OpenAI OpenClaw LangChain CrewAI Custom
The Challenge

“So many agents and frameworks — no way to wrap your arms around them.

Security Lead — Enterprise Software Platform

Production AI agents make thousands of autonomous decisions every day — accessing sensitive data, calling external APIs, and executing actions with no visibility, no guardrails, and no audit trail.

87%
of enterprises lack visibility
into AI agent activity
Cyera 2025
9%
monitor AI agent activity
in real time
Cyera 2025
75%
of tech leaders say governance is
their #1 concern with agentic AI
Gartner 2025

The Visibility Gap

Enterprises can’t see what agents are doing, what data they’re accessing, or when they deviate. Shadow agents multiply across departments unchecked.

The Control Vacuum

No runtime enforcement layer exists. Teams can’t block unauthorized actions or stop agents from accessing sensitive resources in real time.

The Trust Problem

Enterprises can’t deploy agents at scale without governance structure. No identity, no audit trail, no compliance evidence — no path to production.

It’s not if companies leak data through agents. It’s when — and how bad it gets before they start to pull back.
Security Lead — Enterprise Software Platform
Book a demo →

The Enterprise Agentic Control Platform

One control plane. Every agent, every framework.

1

Track

Live activity across every agent, every framework. One feed — who triggered it, what data it touched, and where it went.

Mission Control4 Active
Claims Processor v2
LangChain·Active
Customer Support v3
CrewAI·PII Access
Marketing Content Agent
AutoGen·High Risk
Code Review Agent
OpenAI SDK·Active
2

Assess

Continuous risk scoring. Is it accessing PII, customer records, financial data? What risk does each agent represent?

Risk ManagementScore: 29
29 Critical
High
6
Medium
5
Low
1
19
Permission Issues
26
Blocked Actions
3

Action

Runtime enforcement agents can’t reason around. Block, throttle, sandbox, or escalate — in real time.

Enforcement2 blocked
2
Blocked
1
Throttled
1
Sandboxed
marketing-content
Owner: Jake Morrison (Marketing)
Attempted: POST to pastebin.com/api
Payload: 14KB · PII detected
Escalated to security team
Blocked
marketing-content → pastebin.com
Policy: No external uploads
14s ago
financial-analysis
Owner: Sarah Chen (Finance)
Rate: 47 calls/min (limit: 30)
Data: SAP GL export · Confidential
Pending manager approval
Throttled
financial-analysis → SAP export
Rate limit: Manager approval required
3m ago
new-research-agent
Owner: Unknown (auto-detected)
Framework: Custom · Unregistered
Access: Attempting CRM read
Isolated · 68h remaining
Sandbox
new-research-agent
Unregistered · 72h review period
12m ago
customer-support-v3
Owner: Li Wei (Support)
Attempted: Export 2,341 records
Contains: emails, phone numbers
Auto-blocked · CISO notified
Blocked
customer-support-v3 → PII export
Policy: No PII to external APIs
24m ago
Platform

Explore the full Enterprise Agent Control Plane

See every capability.

See the platform → Book a demo →
How it works

From zero to governed in minutes.

Integrate via SDK or CLI. Prefactor runs at the agent runtime layer — giving you control over every action, every decision, every data flow.

Deploy ~5 min

Install the SDK or connect via CLI. Works with any framework, any cloud, any agent runtime.

Register Instant

Every agent is registered — see what’s running, what data it touches, and what risk it carries.

Set policy ~10 min

Define rules for PII handling, data access, external calls, and spend limits. Apply per-agent, per-team, or globally.

Enforce Real-time

Policies run at the agent runtime in real time. Block, throttle, sandbox, or escalate — agents can’t reason around it.

terminal
$ prefactor init
SDK connected to workspace
scanning agent runtimes...
4 agents registered
claims-processor — Low risk
customer-support-v3 — PII detected
marketing-content — High risk
$ prefactor policy apply --global
3 policies enforced · runtime active
Built for your team

Built by engineers. Governed by leaders. Verified by security.

The agent is so mission oriented that it will reason its way around non-enforced controls — and it thinks it’s done a great job.
Security Lead — Enterprise Software Platform
Book a demo → Become a partner →
Frequently asked questions

What you need to know

What is an agent control plane?
An agent control plane is the governance layer that shows which AI agents are running, what they can access, how they perform, and whether they stay inside approved boundaries. It centralizes policy enforcement, audit trails, and approval workflows across frameworks.
What is AI agent governance?
AI agent governance is the set of policies, controls, and review workflows that determine how agents are deployed, what identities and permissions they receive, how their behavior is monitored, and what happens when risk thresholds are crossed.
Is Prefactor only for enterprises?
Prefactor is built for enterprises managing AI governance at scale — organisations dealing with agentic sprawl across departments, frameworks, and compliance boundaries. That said, governance challenges aren’t unique to large organisations. Prefactor works for teams of all sizes, from startups shipping their first production agents to government agencies.
How do you enforce governance on AI agents at runtime?
Runtime governance means applying policies directly at the agent execution layer - blocking risky actions, detecting PII in outputs, and routing high-risk operations for human approval. Unlike static rules, runtime enforcement adapts as agents operate.
What is the difference between AI security and agent governance?
AI security focuses on threats such as prompt injection, data leakage, model misuse, and compromised tooling. Agent governance focuses on whether agents are approved, operating within scope, producing acceptable outcomes, and following the right human or policy controls in production.
Why do AI agents need identity and scoped access?
AI agents need their own identity and scoped access so each action can be tied to a specific agent, task, and user context. That enables least privilege, traceability, token revocation, and safer delegation than static shared credentials.
How does Prefactor govern AI agents in production?
Prefactor assesses outcome quality, cost efficiency, and scope adherence across AI agents, then can block actions, route them for approval, or record them for audit when policy thresholds are crossed.