Golf

The control layer for AI access

AI Governance / Agentic AI Security / MCP Control Plane
Y Combinator Batch

Discovery - See every AI agent, MCP server, and data connection including unknown/shadow infrastructure
Enforcement - Granular policies per tool, team, and data source with sub-ms latency, instant rollback
Audit - 90-day trail of prompts, actions, and data access with pre-mapped compliance controls
40+ integrations including Claude Code, GitHub Copilot, ChatGPT Enterprise, Windsurf, Cursor, custom agents
Pre-mapped to SOC 2, ISO 27001, NIST AI RMF, FINRA
Real-time visibility, policy enforcement, threat detection
Fine-grained access controls without manual approvals

Our Take

Antoni Gmitruk and Wojciech Blaszak looked at the AI agent explosion happening inside every enterprise right now and saw something nobody else was talking about: a massive security blind spot hiding in plain sight. Every company is shipping AI agents—Cursor, Claude Code, Copilot—and they're all connecting to production data through MCP (Model Context Protocol). The problem? These connections bypass your SIEM, your DLP, your identity layer. Your security team has zero visibility. Golf is the control layer that sits between your AI agents and your data, discovering every MCP connection, enforcing policies in real time, and making your audit team actually able to sleep at night.

Here's the scary part—the website literally describes engineers connecting Cursor to your codebase, reading customer records and deal pipelines, exporting data, and your security team never gets notified because the engineer set it up in 30 seconds. Claude Code is out here querying production databases and closing issues across your org with zero approval. Copilot is pushing code right now and could be injecting hidden instructions that exfiltrate data or escalate permissions. It looks normal. Your security stack doesn't see it. There's no LLM control, no visibility—just a blind stack.

Golf operates at the MCP layer itself, not the LLM layer, which means they don't control the model and they don't change how people work. They just make sure every connection is discovered, enforced, and audited. They've got three products—Discover for shadow AI detection, Enforce for real-time policy enforcement and threat detection, and Audit for compliance evidence export in minutes. They're SOC 2 Type II certified, Y Combinator batch, and they're building the infrastructure every enterprise is going to need when their board asks "who has access to our data through AI?"

This is the governance layer for the agentic future. Every company racing to ship AI agents is building on a foundation of sand—and Golf is selling the cement.

Key Facts

Category
AI Governance / Agentic AI Security / MCP Control Plane
Stage
Y Combinator Batch
Discovered via
product-hunt

The people behind Golf

Antoni Gmitruk

Wojciech Blaszak
