Golf
Enterprise MCP Control Plane
1 follower
Enterprise MCP Control Plane
1 follower
Golf is the enterprise control plane for MCP. It gives security and IT teams full visibility into how AI connects to enterprise systems - with policy enforcement, real-time threat blocking, and a complete audit trail. Discover, enforce, audit. End-to-end.
Golf
👋 I'm Wojciech, co-founder of Golf. Antoni and I have been building MCP infrastructure since the earliest days of the protocol. Over the past year, we've worked with enterprises using MCP at scale - and the same gap kept showing up: there are vertical solutions, but there's no end-to-end platform for governing how AI connects to enterprise systems.
That's what Golf is. We're backed by Y Combinator and already in production at multi-thousand-employee organizations.
Here's the problem we kept seeing:
If you're a platform or IT team trying to enable AI tools across your org, you're stuck. You maintain a Notion allow list. Every new MCP server goes through a manual security review. And if a server has one risky tool - say a write action to production - you block the entire server. Your engineers lose access to everything, even the safe parts.
That's not governance. That's a bottleneck.
Meanwhile, engineers don't wait. At one company, we found 336 MCP servers running across the org. 96 of them had the ability to perform destructive actions on production systems. Nobody on the security or platform team knew they existed.
What Golf does:
Golf is the control plane that lets you enable your entire engineering org - without losing control.
→ Discover - find every MCP server and AI connection across your org. See what's running, who's using it, what data it touches. Assess and remediate the risk.
→ Enforce - control what every agent can do at the tool level. Allow read, block write, require approval. Block prompt injections, PII leaks, and credential exposure in real-time. All tied to real identities through your IDP.
→ Audit - full trail of every agent action. When compliance asks what AI touched customer data - you have the answer.
For the PH community:
We open-sourced our MCP inventory scanner. You can run it today, find every MCP server in your environment, and assess risk - no Golf account needed.
→ Try the scanner: [link]
When you're ready for the full platform - enforcement, tool-level policies, audit trails - talk to us at https://golf.dev.
We'd love to hear from you:
How are you managing MCP adoption across your teams today?
What's blocking you from enabling AI tools org-wide?
We'll be here all day. Let's talk.
- Wojciech & Antoni