What happened
WitnessAI launched Agentic Control on June 17, 2026 — a runtime enforcement layer that governs how AI agents interact with enterprise tools and MCP servers. Features include: automated agent discovery across IDEs/frameworks/cloud, an MCP Catalog scoring tools against OWASP and CVE risk classes, org-wide allow-lists for approved MCP servers, runtime prompt/response enforcement, and a full audit trail.
Why it matters
Legacy security tools cannot inspect MCP-protocol traffic or agent-to-agent workflows. WitnessAI's MCP-native catalog and allow-list model directly addresses the gap that makes uncontrolled MCP deployments a live exfiltration risk, arriving at the same time as OWASP's first MCP security guidance.
Applicability
Enterprise security teams deploying MCP-connected agents (Cursor, Claude Code, custom frameworks) should evaluate Agentic Control for runtime governance; CISOs should treat MCP allow-listing as an immediate control gap to close.