AI Discovery
Inventory First
Before you set any policy, Cerbera AI builds an inventory of the AI in use across your fleet. The first wave of value is simply visibility: knowing which AI tools your people use, and in what proportion.
Cerbera maintains the catalog of what it can detect, and keeps it current as new tools appear. When usage is found, it is surfaced so you can see who uses what.
What Gets Detected
| Category | Examples |
|---|---|
| Browser assistants | ChatGPT, Claude, Gemini used in the browser |
| Desktop applications | Claude desktop, Claude Cowork |
| Coding agents and CLIs | Claude Code, plus more exotic clients like Hermes and OpenClaw |
| Models | The underlying models reached through these tools |
| MCP servers | Both official, provider-maintained servers and third-party ones |
For each tool, you can choose to approve it or blocklist it, giving you a macro-level census and administrative control over which AI systems teams may use.
MCP Visibility
MCP usage gets its own view. Cerbera distinguishes:
- Provider-maintained MCP servers (for example Notion, Stripe, Figma, Slack), which are generally trustworthy.
- Third-party or "wild" MCP servers, often community wrappers around a vendor's API, maintained by unknown parties. Users frequently connect to these and hand over API keys and tokens.
The dashboard shows how people connect to each server and whether they expose tokens or are misconfigured, so you can send guidance to fix it. For full rule and policy detail, see MCP Governance.
From Discovery to Policy
Discovery feeds directly into your rules. A typical path:
Monitor
Run silently for a few weeks to learn what is actually in use.
Review
Look at the inventory of tools, models, and MCP servers, and the risky configurations Cerbera flags.
Decide
Approve sanctioned tools and blocklist the ones you do not want, for example Deepseek or OpenClaw.
Enforce
Switch unknown tools to block-by-default once you have catalogued the bulk of legitimate usage.