LoxeAI
Machine-verifiable AWS audit evidence for SOC 2, every finding traced.

LoxeAI is a compliance tool that scans your AWS environment and generates a machine-verifiable SOC 2 audit evidence package, with every finding traced to the exact AWS API call that produced it via SHA-256 hashing. It provisions a read-only IAM role to perform the scan and produces a gap report in minutes rather than weeks. An AI compliance copilot called Gideon then guides remediation with copy-pasteable CLI commands and policy generators.
Users deploy a read-only CloudFormation IAM role, paste the ARN into LoxeAI, and the tool scans AWS services to produce a SHA-256-hashed evidence package with gap scores and remediation guidance.
SaaS founders and CISOs preparing for SOC 2 audits
Background.
- Status
- launched
- Business model
- freemium
Similar projects.
Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.
Have a take on this space?
Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.