
Golf

Safety and Privacy platforms

Enterprise MCP Control Plane

💡 Golf is the enterprise control plane for MCP. It gives security and IT teams full visibility into how AI connects to enterprise systems — with policy enforcement, real-time threat blocking, and a complete audit trail. Discover, enforce, audit. End-to-end.

"Golf is the 'Air Traffic Control' for your enterprise AI agents—ensuring every connection is cleared for takeoff and tracked until landing."

30-Second Verdict
What is it: Golf is the 'Enterprise Firewall' for the MCP protocol, used to monitor, control, and audit connections between AI agents and internal data.
Worth attention: Highly worth watching. As MCP becomes the standard for AI connectivity, enterprise compliance is a must-have. Golf hits the pain point of the 82% of companies deploying AI without security policies.
Hype: 7/10 | Utility: 8/10 | Votes: 390

Product Profile
Full Analysis Report

Golf: The Enterprise Security Gateway for the MCP Era, a "Firewall" for AI Agent Connections

2026-03-06 | ProductHunt | Official Site | GitHub

Product Interface - MCP Server Security Scan

Gemini's Take: This is Golf's core interface—the MCP server security scan view. A single scan discovered 203 MCP servers, with 34 flagged as Critical risk. The interface identifies which AI tool (Copilot, Claude Code, Windsurf) is using each server and how many devices are linked. The dark, glassmorphism design definitely appeals to the developer aesthetic.


30-Second Quick Take

What it is: Simply put, Golf is the "Enterprise Firewall" for the MCP protocol. Right now, employees are using tools like Cursor, Claude, and Copilot to connect to company data via MCP, and security teams are flying blind. Golf lets you see every connection, enforce security policies, and generate audit logs.

Is it worth watching?: Yes. MCP is becoming the de facto standard for AI agents connecting to enterprise data, but security is the #1 hurdle for adoption. Golf addresses a real and urgent pain point—82% of enterprises have deployed AI agents, but only 44% have security policies in place. That gap is Golf's opportunity.


Three Questions That Matter

Is this for me?

  • Target Audience: Enterprise security teams, IT admins, DevOps/Platform Engineering teams, CISOs.
  • Are you the one?: If you're responsible for AI tool security in your company, or if you're building MCP servers for clients, you are the target user.
  • Use Cases:
    • Your developers are using Cursor/Claude to connect to production databases → You need Golf to monitor and control this.
    • You're a SaaS provider offering MCP interfaces → You need Golf Firewall to protect that data.
    • Auditors ask, "Which customer data did AI access last quarter?" → You need Golf's audit logs.
    • You're an indie dev wanting to build an MCP server fast → Use the open-source GolfMCP framework.

Is it actually useful?

| Dimension | Benefit | Cost |
|---|---|---|
| Time | Save 2-4 weeks on MCP auth/telemetry/transport setup | About half a day to learn the Golf framework |
| Money | Avoid compliance fines (up to 7% of global revenue in finance) | Enterprise version requires sales contact; framework is free |
| Effort | One platform for discovery, policy, and auditing | Requires basic knowledge of the MCP protocol |

ROI Judgment: For enterprise users, this is a necessity—the cost of a breach or non-compliance far outweighs the subscription. For indie devs, the open-source framework significantly lowers the barrier to building MCP servers and is well worth a try.

Is it impressive?

The "Cool" Factor:

  • One-click Shadow AI Scanning: Instantly discover every MCP server and AI connection in the company, including the ones security doesn't know about.
  • Sub-ms Policy Enforcement: Policy execution latency is sub-millisecond, meaning zero impact on user experience.
  • golf deploy in 60 seconds: The open-source framework can deploy an MCP server with auth and telemetry in under a minute.

The "Wow" Moment:

"This is what the MCP ecosystem needed. The hardest part of building MCP servers was always the boilerplate — routing, auth, telemetry. If Golf handles all that, the barrier to entry just dropped to near zero. Huge for indie devs." — @saen_dev

Real User Feedback:

  • Positive: "Enterprise control plane is the right direction." — @Absolcasso
  • Constructive Critique: "One layer worth adding: inspect what MCP servers actually return. A compromised server can inject instructions inside a legitimate-looking response." — @Absolcasso


For Indie Developers

Tech Stack

  • Language: Python 3.10+
  • Base Framework: FastMCP (Golf adds a convention-over-configuration wrapper)
  • Auth: JWT, OAuth Server, API keys, dev tokens
  • Telemetry: OpenTelemetry SDK + PostHog
  • CLI: Typer + Rich
  • Validation: Pydantic
  • Log Export: Elasticsearch, Datadog
  • License: Apache-2.0

Core Implementation

Golf's architecture has two layers. The bottom is the open-source GolfMCP framework—a convention-over-configuration MCP Server Framework. You write Python files following a specific directory structure (tools/, prompts/, resources/), and Golf automatically discovers, parses, and compiles them into a runnable MCP server. For example, tools/payments/submit.py automatically registers as the submit-payments tool.

The top layer is the commercial Golf Firewall/Gateway. It sits in front of your MCP server, and all traffic passes through it. It features a fine-tuned LLM for real-time prompt injection detection, classifying and allowing/blocking requests based on policy. It also provides full audit logs exportable to Elasticsearch and Datadog.
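The allow/block-and-audit flow described above, sketched as an added example; this is not Golf's code or API. It gates MCP `tools/call` JSON-RPC requests against a per-team allowlist and emits one audit record per message. The team names, the `list-invoices` tool, the `POLICY` layout and the `evaluate` function are hypothetical.

```python
import hashlib
import json
from datetime import datetime, timezone

# Hypothetical policy: team -> MCP tool names that team may call (default deny).
POLICY = {
    "finance": {"submit-payments", "list-invoices"},
    "support": {"list-invoices"},
}


def evaluate(raw: str, team: str, policy=POLICY) -> dict:
    """Decide on one client-to-server MCP message and return its audit record."""
    method = tool = args_digest = None
    try:
        msg = json.loads(raw)
        if not isinstance(msg, dict):
            raise ValueError("not a JSON-RPC object")
        method = msg.get("method")
        params = msg.get("params")
        if method != "tools/call":
            decision, reason = "allow", "not a tool call"
        elif not isinstance(params, dict) or not isinstance(params.get("name"), str):
            decision, reason = "block", "tools/call without a tool name"
        else:
            tool = params["name"]
            # Record a digest of the arguments so the log holds no raw values.
            canon = json.dumps(params.get("arguments", {}), sort_keys=True)
            args_digest = hashlib.sha256(canon.encode()).hexdigest()
            if tool in policy.get(team, set()):
                decision, reason = "allow", "tool permitted for team"
            else:
                decision, reason = "block", "tool not permitted for team"
    except ValueError as exc:  # json.JSONDecodeError is a ValueError
        decision, reason = "block", f"malformed message: {exc}"
    return {
        "ts": datetime.now(timezone.utc).isoformat(),
        "team": team, "method": method, "tool": tool,
        "args_sha256": args_digest, "decision": decision, "reason": reason,
    }


# Constructed sample message, shaped like an MCP tools/call request.
CALL = json.dumps({"jsonrpc": "2.0", "id": 7, "method": "tools/call",
                   "params": {"name": "submit-payments",
                              "arguments": {"amount": 120, "currency": "EUR"}}})

if __name__ == "__main__":
    for team in ("finance", "support", "unknown-team"):
        print(json.dumps(evaluate(CALL, team)))
    print(json.dumps(evaluate("{not json", "finance")))
```

A team that is missing from the policy is blocked rather than passed through, and the audit record is written for blocked and malformed messages as well as allowed ones.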

Open Source Status

  • Open Source: The GolfMCP framework is fully open (Apache-2.0), with 776 stars and 58 forks.
  • GitHub Org: golf-mcp, including golf-scanner-mcp (scanner) and authed-identity (auth protocol).
  • Build Difficulty: Low (for the framework) to High (for the Enterprise Firewall). You can get the framework running in 4 steps: pip install golf-mcp, golf init, golf build dev, golf run. However, building an enterprise-grade gateway with prompt injection detection is a massive undertaking.

Business Model

  • Monetization: Open source to attract devs + Enterprise SaaS/On-Prem fees.
  • Pricing: Not public; requires a demo booking, first-come-first-served.
  • Current Customers: "Already running in production at multi-thousand-employee organizations."

Big Tech Risk

This is a serious consideration. GitHub launched Enterprise AI Controls & Agent Control Plane in Feb 2026. Cloudflare is also working on MCP security products (Code Mode). Golf's edge lies in: (1) Focus on MCP-native security rather than generic API security; (2) An existing developer community via the framework; (3) YC backing and the speed of a small team. However, if Cloudflare or AWS go all-in on an MCP gateway, the space will get crowded fast.


For Product Managers

Pain Point Analysis

  • Problem Solved: Employees connecting AI tools to company systems via MCP without security oversight.
  • How painful is it?: High frequency + High necessity. 82% of firms have AI agents, but only 44% have policies. In 2026, the financial sector faces mandatory AI governance with fines up to 7% of global revenue. Auditors will flag a lack of AI governance documentation immediately.

User Persona

  • Primary: CISOs, Security Teams, IT Admins.
  • Secondary: Developers building MCP servers (using the open-source framework).
  • Scenarios: Internal AI tool control, compliance auditing, MCP server development.

Feature Breakdown

| Feature | Type | Description |
|---|---|---|
| Shadow AI Discovery | Core | Scans and discovers all MCP connections |
| Policy Enforcement | Core | Executes policies by tool/team/data source |
| Audit Trail | Core | 90-day full records, pre-mapped to SOC 2/ISO 27001 |
| Prompt Injection Detection | Core | Real-time detection via fine-tuned LLM |
| SSO/IDP Integration | Core | Okta, Auth0, Entra ID |
| SIEM Integration | Nice-to-have | Export to Elasticsearch/Datadog |
| On-Premises Deployment | Core | Data never leaves the customer environment |
| GolfMCP Framework | Core (Ecosystem) | Attracts devs to build the MCP ecosystem |

Competitive Landscape

| Dimension | Golf | MintMCP | Acuvity (Proofpoint) | Lasso Security |
|---|---|---|---|---|
| Positioning | MCP Governance + Visibility | Compliance-first | AI Security + Runtime | Threat Detection |
| SOC 2 | Pre-mapped | Type II Certified | Via Proofpoint | Unknown |
| Open Source | Apache-2.0 | No | Minibridge (Apache) | MIT |
| Latency | Sub-ms | Higher | Uncertain | Higher |
| Unique Edge | MCP Native + OS Framework | Cursor Partnership | Acquired by Proofpoint | Gartner Cool Vendor |
| Best For | MCP Visibility Needs | Highly Regulated Industries | Enterprise Full-stack | High-security Environs |

Key Takeaways

  1. Open Source + SaaS Flywheel: Use the framework to win over devs, who then advocate for the enterprise version. The classic HashiCorp model.
  2. "Discover-Enforce-Audit" Narrative: Simplifies a complex security product into three easy steps, reducing cognitive load.
  3. Shadow AI as the Hook: Instead of asking companies to set policies, help them "see" the problems they already have.

For Tech Bloggers

Founder Story

  • Wojciech Blaszak: CEO, Polish. Started a business at 14 that hit $200k revenue. Dropped out of college after one semester. Previously worked on AI SDRs and agent infra. Founded a community for young Polish hackers.
  • Antoni Gmitruk: CTO. Built a fully automated 3D printer at 15. Also a one-semester dropout. The two have been building together since they were 14.
  • The Narrative: Two Eastern European teen founders drop out and move to SF to tackle the new MCP frontier, backed by YC X25 and ElevenLabs. "We talked to 40+ teams; security is the #1 blocker for MCP adoption."

Points of Contention

  • "Why not just use FastMCP?": Critics ask why build a new framework instead of extending FastMCP. Golf's response is that they do use FastMCP under the hood; they just provide a convention-over-configuration layer on top.
  • Production Ready?: Some commenters doubt Golf is ready for prime time, but the team claims it's already running in production for organizations with thousands of employees.
  • Real Need or Hype?: Golf published a "No-Bullshit Guide to MCP Security," admitting that of the 5 major MCP threats, only 2 actually lead to data leaks; the others are theoretical.

Traction Data

  • PH Ranking: 389 votes
  • GitHub: 776 stars, 58 forks
  • Twitter Buzz: Low; launch tweets had around 49 views.
  • Sector Heat: The MCP Gateway space is red hot, with Golf appearing in multiple "Best MCP Gateways of 2026" lists.

Content Suggestions

  • The Angle: "The Shadow AI Problem in the MCP Era—How many AI tools are your employees secretly connecting?"—Use Golf's scan interface for a strong visual hook.
  • Trend Jacking: MCP security is a major 2026 trend, especially with tightening compliance. "The Countdown to Enterprise AI Compliance" is a great angle.

For Early Adopters

Pricing Analysis

| Tier | Price | Features | Is it enough? |
|---|---|---|---|
| Open Source | Free | MCP Server building, Auth, Telemetry | Good for individuals/small teams |
| Enterprise | Unlisted (Demo) | Firewall, Gateway, Auditing, SSO | Essential for corporations |

Getting Started

  • Framework Setup Time: 10 minutes.
  • Learning Curve: Low (if you know Python and MCP basics).
  • Steps:
    1. pip install golf-mcp
    2. golf init my-project
    3. Define tools in the tools/ directory.
    4. golf build dev && golf run
    5. Server runs at localhost:3000.

The Catch

  1. Roadmap Items: Cloud instant deploy and OAuth management aren't delivered yet—don't be misled by the marketing.
  2. Doc Gaps: As an early project, some advanced feature documentation is sparse.
  3. Lock-in Risk: While it uses FastMCP, Golf's specific conventions might lead to some framework lock-in.
  4. Small Community: Twitter engagement is still low (49 views on some tweets); the community is in its infancy.

Security & Privacy

  • Data Storage: Supports On-Premises deployment; data stays in your environment.
  • Compliance Mapping: SOC 2, ISO 27001, NIST AI RMF, FINRA (Pre-mapped, not yet certified).
  • Audit: Full 90-day audit trail.

Alternatives

| Alternative | Pros | Cons |
|---|---|---|
| MintMCP | SOC 2 Type II, Cursor partnership | Closed source, likely pricier |
| Lasso Security | MIT Licensed, Gartner recognized | Higher latency |
| Direct FastMCP | Zero learning curve | No auth/telemetry/security layer |
| Cloudflare MCP | Big tech backing, CDN edge | Generic solution, not MCP-specialized |

For Investors

Market Analysis

  • AI Governance Market: $227.6M (2024) → $1,418.3M (2030), CAGR 35.7%.
  • Agentic AI Governance: $7.28B (2025) → $38.94B (2030), CAGR 39.85%.
  • AI Agents Total Market: $7.92B (2025) → $236B (2034).
  • Drivers: MCP becoming the standard, stricter compliance, Shadow AI explosion.

Competitive Landscape

| Tier | Players | Positioning |
|---|---|---|
| Tech Giants | GitHub (Enterprise AI Controls), Cloudflare | General AI Security |
| Acquired | Acuvity → Proofpoint | Full-stack AI Security |
| Vertical Leaders | MintMCP (SOC 2), Lasso (Gartner) | Compliance/Threat Detection |
| New Entrants | Golf (YC X25) | MCP-Native Governance + Open Source |

Timing Analysis

  • Why Now?: In 12 months, MCP went from an Anthropic experiment to a standard supported by Anthropic, OpenAI, Google, and Microsoft. Enterprise adoption is outpacing security infra.
  • Tech Maturity: The protocol is evolving fast, but the fundamentals (tool calls, resource access) are stable.
  • Market Readiness: High—Acuvity's acquisition by Proofpoint (Feb 2026) validates the sector's value.
  • Regulatory Push: 2026 mandatory AI governance in finance, with massive non-compliance fines.

Team Background

  • Wojciech Blaszak: CEO, Polish, started at 14, $200k revenue, SF dropout.
  • Antoni Gmitruk: CTO, built 3D printers at 15, dropout.
  • Team Size: Small (exact headcount unlisted).
  • Traits: Young, technical, early movers in the MCP space.

Funding Status

  • Raised: Y Combinator X25 batch ($500k for 7%) + ElevenLabs.
  • Total Amount: Unlisted; YC X25 median seed is ~$3.1M.
  • Valuation: Unlisted.

Conclusion

Golf has hit a perfectly timed pain point: MCP is spreading like wildfire in enterprises, but security infrastructure is a vacuum. The open-source + SaaS flywheel is a proven model. However, as a YC X25 early-stage company, the biggest question is whether they can build a sufficient moat before GitHub or Cloudflare take over the space.

| User Type | Advice |
|---|---|
| Developers | Give it a spin — The framework really does cut out the MCP boilerplate. |
| Product Managers | Watch this — The "Discover-Enforce-Audit" narrative and flywheel model are masterclasses in PM strategy. |
| Bloggers | Great story — "Shadow AI" is a hot topic, and the 14-year-old founder story is very clickable. |
| Early Adopters | Cautiously optimistic — Play with the framework, but wait for the enterprise version to mature for production. |
| Investors | Worth tracking — Great timing and YC backing, but the "Big Tech" risk is the key variable. |

Resource Links

| Resource | Link |
|---|---|
| Official Site | https://golf.dev/ |
| GitHub | https://github.com/golf-mcp/golf |
| Docs | https://docs.golf.dev/ |
| Twitter | https://x.com/Golf__mcp |
| ProductHunt | https://www.producthunt.com/products/golf |
| YC Profile | https://www.ycombinator.com/companies/golf |
| Founder LinkedIn | https://www.linkedin.com/in/wojciech-b%C5%82aszak11/ |
| Blog | https://golf.dev/blog |

2026-03-06 | Trend-Tracker v7.3

One-line Verdict

Golf enters the security gateway market at the critical inflection point of the MCP ecosystem. With its open-source strategy and focus on compliance pain points, it has high growth potential but must stay wary of rapid moves by cloud giants.

FAQ

Frequently Asked Questions about Golf

Golf is the 'Enterprise Firewall' for the MCP protocol, used to monitor, control, and audit connections between AI agents and internal data.

The main features of Golf include: Shadow AI Discovery (automatic scanning), Policy Enforcement (sub-millisecond interception), Audit Trail (SOC 2/ISO 27001 pre-mapped), Prompt Injection Detection (real-time detection).

Open-source framework is free; Enterprise version requires a demo (pricing not public).

Enterprise Security Teams (CISO), IT Admins, DevOps Engineers, and developers building MCP servers.

Alternatives to Golf include: MintMCP (compliance-first), Acuvity (acquired by Proofpoint), Lasso Security, Cloudflare.

Data source: ProductHunt | Mar 6, 2026