The coding agents your engineers already run
Claude Code and OpenCode are watched live, with explicit session attribution –
provably this session. Codex sessions arrive via ingest and are labelled the way
the evidence deserves: inferred. Attribution grades are part of the record, not a footnote.
Claude Code · live
OpenCode · live
Codex · ingest, inferred
AWS CloudTrail + AgentCore
Agents on AWS
Which agent role read that secret? CloudTrail knows. Now you do.
Your agents don’t stop at the model call – they assume IAM roles, read secrets
and call AWS services under identities your SOC rarely watches. RAXE reads your live
CloudTrail and raises detections as agent activity lands: an agent role reading a secret
becomes a data-exfiltration alert in the console, on the same timeline as gateway claims
and kernel-observed file access. Bedrock AgentCore telemetry joins that timeline too.
CloudTrail · live detection
AgentCore telemetry
Correlation, not exact attribution