Traceforce: AI App Security Monitoring
For those of us who care about developer experience, the "lightweight binary + browser extension" approach is the only way this works without killing machine performance. It provides a real-time dashboard of every AI agent running across a fleet of devices, specifically flagging vulnerable MCPs.
If you're managing a team of devs using Claude Code or other agents, you need a way to monitor tool calls without becoming a bottleneck. I'm particularly interested in their open-source pentesting tool for MCPs, as the attack surface for these plugins is expanding faster than most security teams can track.
Technical Stack & Performance:
This is a practical deployment for any org that has given up on banning AI and has instead decided to actually manage it.
The open-source tool for MCP vulnerability scanning is available here:
https://github.com/traceforce/mcp-xray