Skip to main content

AI Discovery

Inventory First

Before you set any policy, Cerbera AI builds an inventory of the AI in use across your fleet. The first wave of value is simply visibility: knowing which AI tools your people use, and in what proportion.

Cerbera maintains the catalog of what it can detect, and keeps it current as new tools appear. When usage is found, it is surfaced so you can see who uses what.

What Gets Detected

CategoryExamples
Browser assistantsChatGPT, Claude, Gemini used in the browser
Desktop applicationsClaude desktop, Claude Cowork
Coding agents and CLIsClaude Code, plus more exotic clients like Hermes and OpenClaw
ModelsThe underlying models reached through these tools
MCP serversBoth official, provider-maintained servers and third-party ones

For each tool, you can choose to approve it or blocklist it, giving you a macro-level census and administrative control over which AI systems teams may use.

MCP Visibility

MCP usage gets its own view. Cerbera distinguishes:

  • Provider-maintained MCP servers (for example Notion, Stripe, Figma, Slack), which are generally trustworthy.
  • Third-party or "wild" MCP servers, often community wrappers around a vendor's API, maintained by unknown parties. Users frequently connect to these and hand over API keys and tokens.

The dashboard shows how people connect to each server and whether they expose tokens or are misconfigured, so you can send guidance to fix it. For full rule and policy detail, see MCP Governance.

From Discovery to Policy

Discovery feeds directly into your rules. A typical path:

  1. Monitor

    Run silently for a few weeks to learn what is actually in use.

  2. Review

    Look at the inventory of tools, models, and MCP servers, and the risky configurations Cerbera flags.

  3. Decide

    Approve sanctioned tools and blocklist the ones you do not want, for example Deepseek or OpenClaw.

  4. Enforce

    Switch unknown tools to block-by-default once you have catalogued the bulk of legitimate usage.

Next Steps