Golf

Enterprise MCP Control Plane

746 followers

Enterprise MCP Control Plane

746 followers

Visit website

Safety and Privacy platforms

•

Security software

Golf is the enterprise control plane for MCP. It gives security and IT teams full visibility into how AI connects to enterprise systems — with policy enforcement, real-time threat blocking, and a complete audit trail. Discover, enforce, audit. End-to-end.

This is the 2nd launch from Golf. View more

Golf

Launched this week

Enterprise MCP Control Plane

Govern and secure AI agents and MCP servers with centralized visibility, policy control, and audit trails. Security, compliance, and control for the agentic era.

Payment Required

Launch tags:Artificial Intelligence•Security

Launch Team / Built With

Unblocked — Get AI agents to generate code that fits your system.

Get AI agents to generate code that fits your system.

Promoted

This is the layer everyone is going to need and nobody is building yet. The stat about finding 150 MCP servers where 50 had destructive production access and nobody on the security team knew they existed is wild but also exactly what I'd expect.

Gianmarco's question about multi-agent audit trail attribution is the hard one. When an orchestrator spawns sub-agents that each hit MCP tools, tracking causality through that chain is brutal. The governance layer basically has to reconstruct the agent's decision tree in real time, not just log individual tool calls. Are you doing that already, or is attribution still at the session level right now?

MCP governance is going to be table stakes in 6 months. Good timing on this.

Report

2d ago

Golf

Maker

📌

👋 I'm Wojciech, co-founder of Golf. Antoni and I have been building MCP infrastructure since the earliest days of the protocol. Over the past year, we've worked with enterprises using MCP at scale - and the same gap kept showing up: there are vertical solutions, but there's no end-to-end platform for governing how AI connects to enterprise systems. That's what Golf is. We're backed by Y Combinator and already in production at multi-thousand-employee organizations. Here's the problem we kept seeing: If you're a platform or IT team trying to enable AI tools across your org, you're stuck. You maintain a Notion allow list. Every new MCP server goes through a manual security review. And if a server has one risky tool - say a write action to production - you block the entire server. Your engineers lose access to everything, even the safe parts. That's not governance. That's a bottleneck. Meanwhile, engineers don't wait. At one company, we found 150 MCP servers running across the org. 50 of them had the ability to perform destructive actions on production systems. Nobody on the security or platform team knew they existed. What Golf does: Golf is the control plane that lets you enable your entire engineering org - without losing control. → Discover - find every MCP server and AI connection across your org. See what's running, who's using it, what data it touches. Assess and remediate the risk. → Enforce - control what every agent can do at the tool level. Allow read, block write, require approval. Block prompt injections, PII leaks, and credential exposure in real-time. All tied to real identities through your IDP. → Audit - full trail of every agent action. When compliance asks what AI touched customer data - you have the answer. For the PH community: We open-sourced our MCP inventory scanner. You can run it today, find every MCP server in your environment, and assess risk - no Golf account needed. → Try the scanner: [link] When you're ready for the full platform - enforcement, tool-level policies, audit trails - talk to us at https://golf.dev. Our ask: We'd love to hear from you: How are you managing MCP adoption across your teams today? What's blocking you from enabling AI tools org-wide? We'll be here all day. Let's talk. - Wojciech & Antoni

Report

14d ago

bunny.net

@wbbw1 awesome work, congrats on the launch!

Report

6d ago

Golf

Maker

@marek_nalikowski thanks a lot!

Report

6d ago

@wbbw1 congrats!

Report

6d ago

The "no end-to-end governance layer" observation is exactly right — most enterprise MCP security today is point solutions bolted on. The question that gets interesting at scale: how does Golf handle agent identity in multi-agent chains? If an orchestrator spawns five sub-agents that each call MCP tools, does the audit trail attribute actions to the orchestrator, each sub-agent individually, or the human session that triggered the chain? That attribution layer seems like the hardest part to get right — and the one that makes the difference between a compliance checkbox and a tool a SOC team actually trusts.

Report

6d ago

Golf

Maker

@giammbo Great question! Golf governs employees connecting your internal systems to third-party AI tools via MCP. Think an engineer using Cursor or Claude Desktop hitting your internal Notion, GitHub, or production database through MCP. In that case, you don't control anything - neither the agent, nor the tools your employees are connecting to them.

In that model, attribution is actually clean: every MCP tool call is tied to a real employee identity through your IDP. The audit trail shows you which person, using which agent, called which tool, on which system — with the full request and response. When compliance asks, "who let Claude touch customer data last Tuesday?" - you have a name, a timestamp, and the exact action.

Report

6d ago

@antoni_gmitruk1 That makes attribution much cleaner in the single-user case. The edge I keep thinking about: as Cursor and Claude Desktop get more agentic, an engineer might kick off a task and step away while the agent runs 30 tool calls autonomously. Same IDP identity — but very different oversight level. Does Golf capture anything at the session level that flags autonomous execution vs direct user-initiated calls?

Report

6d ago

Hey Wojciech, that story about finding 150 MCP servers running across an org with 50 of them able to hit production, and nobody on security knowing, is wild. Was that a specific company where you discovered that and everyone’s face just dropped?

Report

6d ago

Golf

Maker

@vouchy Yeah, honestly, not sure who was more surprised, us or them. The scanner doesn't lie though 😅

Report

6d ago

Told

The 'control plane' framing is smart — as MCP adoption scales across enterprise teams, the governance layer is often an afterthought until something goes wrong. Centralized audit trails for agentic actions in particular will be a real selling point for compliance-heavy orgs. Curious how you handle policy conflicts when multiple teams have deployed agents with overlapping permissions — is that a manual resolution process or something Golf enforces automatically? Also wondering if the tooling surfaces enough context in the audit trail for non-technical stakeholders (legal, infosec) to actually act on what they're seeing.

Report

5d ago

Trufflow

Visibility is so important. People forget things all the time. Having to deal with "orphaned" MCPs that could become the next security risk is definitely not ideal.

Report

6d ago

Most enterprise infra tools I've tracked struggle with the validation paradox: enterprises want proven scale, but scale requires enterprise adoption first. Are you seeing traction through bottom-up developer adoption or top-down enterprise sales?

Report

4d ago

1 2

Have a question about Golf? Ask it here and get a real answer.

Previous Golf Launches

Golf The enterprise firewall for MCP providers

Launched on November 6th, 2025