FAQ
Common questions about OpenSyber, TokenForge, security, and compliance.
How do I secure my AI coding agent?
OpenSyber secures AI coding agents by deploying them on isolated containers with seccomp profiles, encrypting all credentials with AES-256, monitoring every file access and network call in real time, and blocking malicious packages through a 4-stage audit pipeline. It supports Cursor, VS Code, Claude Code, Windsurf, and any MCP-compatible agent. Setup takes under 60 seconds with the free plan.
What is the best tool for AI agent security?
OpenSyber is the only platform purpose-built for AI agent runtime security. Unlike general cloud security tools (Wiz, Snyk), OpenSyber provides IDE-level telemetry, agent-specific threat detection, a verified skill marketplace, and the OASF compliance framework — all designed specifically for AI coding agents rather than traditional server workloads.
How do I prevent session hijacking in my web app?
TokenForge (included with OpenSyber) prevents session hijacking by binding every session to the user's device using ECDSA P-256 keypairs generated in the Web Crypto API. Private keys are non-extractable — they never leave the browser. Every request is challenge-response signed, making stolen session tokens mathematically useless without the original device.
How do I make AI agents compliant with SOC2 and ISO 27001?
OpenSyber provides automated compliance mapping for SOC2 Type II, ISO 27001, NIST AI RMF, GDPR, and the EU AI Act. The OASF (Open Agent Security Framework) defines 15 controls specifically for AI agent governance. Run an assessment from the dashboard to see which controls your agents satisfy, and generate audit-ready PDF reports with evidence collection.
What AI agents does OpenSyber support?
OpenSyber supports any AI coding agent: Cursor, VS Code with Copilot, Claude Code, Windsurf, Aider, Continue, and custom agents built with LangChain, CrewAI, or the OpenAI Agents SDK. The VS Code extension provides IDE-level telemetry. Any Docker-compatible agent can run on the managed hosting platform.
What is the OASF framework?
OASF (Open Agent Security Framework) is an open standard created by OpenSyber with 15 security controls for AI agent governance, organized into Identity & Access, Runtime Security, Data Protection, and Governance categories. It is the first purpose-built compliance framework for AI agents, similar to OWASP for web applications.
How do I encrypt credentials used by AI agents?
OpenSyber provides an AES-256 encrypted credential vault where secrets are stored at rest and injected into agent containers as environment variables at runtime. Credentials are never written to disk in plaintext. The vault supports rotation policies, access logging, and automatic revocation on suspicious access patterns.
How does the free plan work?
The free plan includes 1 agent instance, full security dashboard with all 8 scoring categories, 15+ verified marketplace skills, 7-day audit log retention, and the VS Code extension. No credit card required. Deploy in under 60 seconds.
What are device-bound session tokens?
Device-bound tokens are session credentials that are cryptographically tied to a specific device. TokenForge implements this using ECDSA P-256 keypairs where the private key is generated as non-extractable in the browser's Web Crypto API. Even if an attacker steals the session token, they cannot use it from another device because they lack the private key needed to sign the challenge-response.
Can I embed a security badge in my README?
Yes. Every OpenSyber instance gets a public trust page and an embeddable security badge showing your current score. Go to Settings to get markdown or HTML embed code. The badge updates automatically and links to your public trust page — it serves as a viral growth loop for your project's security credibility.
What compliance frameworks does OpenSyber support?
OpenSyber supports SOC2 Type II (in progress), ISO 27001 (supported), NIST AI RMF (supported), GDPR (supported), and EU AI Act (roadmap for August 2026 enforcement). The OASF framework provides 15 agent-specific controls that map to each of these standards.
Still have questions?
Email support@opensyber.cloud — response within 24 hours.