Golf
The enterprise firewall for MCP providers
524 followers
The enterprise firewall for MCP providers
524 followers
Golf is the enterprise control plane for MCP. It gives security and IT teams full visibility into how AI connects to enterprise systems — with policy enforcement, real-time threat blocking, and a complete audit trail. Discover, enforce, audit. End-to-end.
Golf
👋 I'm Wojciech, co-founder of Golf.
Your MCP server can be tricked into serving malicious data. We built the firewall to stop it.
This isn't about bad input or broken requests. Here's the attack: Your MCP server fetches data for an agent - a customer record, a support ticket, anything. But that data contains a poisoned prompt. When your server sends it back, it hijacks your customer's agent. Now you're the vector.
Antoni and I have been building in the MCP space since February. Over the past 10 months, we've worked with startups and Fortune 500s on their MCP strategies and production deployments. Across every implementation, the same pattern emerged: security is the #1 blocker preventing enterprise MCP adoption.
That's why we built Golf.
See demo here:
What Golf Does
Golf Firewall is the first security layer purpose-built for MCP servers. It sits between your data platform and customer agents, inspecting every response in real-time:
✅ Stops prompt injections before they reach agents
✅ Filters PII automatically to maintain compliance
✅ Blocks credential exposure in server responses
✅ Runs on-premises - your data never leaves your infrastructure
It's how you make your MCP server secure, compliant, and enterprise-ready.
For the Product Hunt Community
Golf runs on-premises in your infrastructure. For the PH community, we're offering something better than a demo: a free 30-minute MCP Security Assessment.
Book a slot at https://cal.com/wojciech-blaszak... - we'll:
Audit your current MCP implementation for vulnerabilities
Show you real examples of prompt injection attacks in the wild
Map out your compliance requirements (SOC 2, GDPR, HIPAA)
Give you a security roadmap even if you don't use Golf
Our Ask
As one of the first teams securing this protocol, we'd love your feedback:
- How are you thinking about securing data you serve agents?
- What other "outbound" security risks in agent-to-agent communication worry you?
- For those already shipping MCP servers: what's blocking you from going full production?
We'll be here all day answering questions and talking shop about MCP security.
Thanks for the support!
- Wojciech & Antoni, Golf
@wbbw1 On premises deployment makes sense for enterprise, but what's the latency hit on inspecting every response in real time? That could kill performance for high volume MCP servers.
Product Hunt
You're doing god's work.
Me and some colleagues are trying to understand though -- why "Golf"? Is there some hidden meaning?
Golf
@andrew_g_stewart "your MCP security done in one" ;)) the real thing is, I do drive Volkswagen Golf lol
This looks sick! Are you guys planning to release some benchmarks or public experiments to expose how big of an issue this is?
Golf
@luca_martial Thanks Luca! Yes, we are planning to release case studies soon. We've done quite a few benchmarks and experiments on already released public MCP servers, and there are some interesting results.
Golf
@luca_martial thanks:) we are planning to
damn I was recently trying to figure it out with my enterprise client.
dm me guys, I need to try it
Golf
@artur_wala1 exciting! just sent you DM
Agnes AI
MCP usage is totally naked at the moment.... Golf provides a solution for MCP safety. Cant wait to try it out to integrate into our agent flows.
Golf
@cruise_chen Thanks! I totally agree - that's exactly why we built Golf Firewall: to bring security and visibility into every MCP session. I'm looking forward to you trying it out and seeing how it fits into your product!
Golf
@cruise_chen nice! would love to learn more about your use case
Very cool stuff. And a very real fear. How big of a problem is this so far? i’d be curious to hear the horror stories.
Golf
@aiden_lee10 Yeah, we’ve seen a lot. We’ve done quite a few red-teaming exercises on public MCP servers, and the results were honestly terrifying. Case studies coming soon!
Golf
@aiden_lee10 will ping u next week with case study
Wish for you to succeed, guys! The idea is awesome, I really love how you built the Session Flow diagram, really nice.
Golf
@pasha_tseluyko thank u:)