Coming Soon
Dome
Your code doesn't build unless it's secure.
Security policies as a type system. One file per endpoint. Build-time enforcement, runtime proxy, and kernel-level sandboxing. Dome discovers your routes, generates policies with AI, and enforces them at three layers.
Build Time
Static Analysis
ast-grep rules fail the build on missing auth or raw SQL.
Runtime
Reverse Proxy
Pingora proxy enforces rate limits, auth, response scanning.
Kernel
OS Sandboxing
Landlock/Seatbelt profiles with per-endpoint isolation.