Overview
Noma discovers, governs, and protects AI and agents across the enterprise — from homegrown AI to SaaS agents and coding assistants. It intercepts agent actions before execution, evaluates them against policy and accumulated session context, enforces a decision, and records a tamper-evident audit trail, integrating through an SDK, a protocol gateway, an AI gateway, and an MCP gateway.
Classification
- Coverage surface: MCP, API, Cloud, SaaS, Data/DB
- Stage: Launched
- Type: Commercial
- Target audience: Enterprise
- Deployment: SaaS, Hybrid, Self-hosted
Technical profile
Spec-grounded axes, verified by the TWG.
- Interception architecture (R1): Protocol Gateway, SDK Instrumentation
- Policy model (R3): Hybrid
- Authorization decisions (R4): ALLOW, DENY, MODIFY, STEP_UP, DEFER
- Conformance level: Extended (R1–R9)
Conformance review
| R1 | Pre-execution interception | ✅ |
| R2 | Context accumulation | ✅ |
| R3 | Policy evaluation with intent alignment | ✅ |
| R4 | Five authorization decisions | ✅ |
| R5 | Tamper-evident receipts | ✅ |
| R6 | Identity binding | ✅ |
| R7 | Semantic distance tracking | ✅ |
| R8 | Telemetry export | ✅ |
| R9 | Least privilege enforcement | ✅ |
Platform capabilities
- Pre-execution interception of agent actions across SDK, protocol-gateway, AI-gateway, and MCP-gateway integrations
- Session context accumulation across conversation threads and task horizons
- Policy evaluation with intent alignment at action time
- Five-outcome authorization engine: ALLOW, DENY, MODIFY, STEP_UP, DEFER
- Tamper-evident receipts with timestamp and decision context
- Cryptographic identity binding on every action receipt
- Intent-drift detection (AIDR): embedding-based scoring of each action against the session's stated-intent baseline (R7)
- OpenTelemetry export to SIEM/SOAR and observability pipelines for SOC teams (R8)
- Least-privilege enforcement via the Access Control module — constraining capabilities, autonomy, and permissions per action (R9)
Architecture
Noma satisfies all nine AARM requirements (R1–R6 core and R7–R9 extended).
Core (R1–R6): Noma intercepts agent-initiated actions before execution, accumulates per-session context (prior actions and data classifications), evaluates each action against organizational policy with intent alignment, and produces one of five authorization decisions. Every decision is written to a tamper-evident audit trail with cryptographic identity binding, enabling forensic reconstruction across sessions. It integrates through an SDK, a protocol gateway, an AI gateway, and an MCP gateway.
Semantic distance tracking (R7): Implemented as part of the intent-misalignment module within Noma's AIDR layer. Each session is anchored to the agent's stated intent, and every proposed action or tool call is scored for embedding-based divergence from that baseline — surfacing intent drift before misaligned-but-permitted actions execute.
Telemetry export (R8): Decisions are exported via OpenTelemetry to SIEM, SOAR, and observability pipelines; a primary persona is SOC teams consuming this through Noma's SIEM/SOAR integrations.
Least-privilege enforcement (R9): Operationalized through Noma's Access Control module, which constrains an agent's capabilities, autonomy, and permissions to the minimum required for each action at enforcement time, rather than provisioning blanket session-wide privilege.
Key facts
| Headquarters | Tel Aviv & New York |
| Funding | $132M+ (Series B) |
| Customers | 500+ enterprises |
Listed in the AARM registry. Conformance verified by the AARM working group.