AI Security Posture Management for AI Agents and Tools Running on Endpoints

Traceforce is a security startup building a new category of endpoint security for a world where AI agents and assistants operate directly on user devices. The company argues that AI-related breaches increasingly start at the endpoint, a layer where conventional endpoint detection and response and cloud access security broker tools lack visibility. Its platform is designed to surface and govern locally running AI applications, agents, and integrations that would otherwise go unmonitored across an organization's fleet of devices.

The product automatically discovers AI tools, Model Context Protocol connections, and agent skills running across endpoints, then assesses risk based on actual usage patterns rather than signatures alone. Detection is positioned as fast, with the company citing time-to-first-detection of under five minutes. Traceforce also provides automated security hardening that integrates with existing security infrastructure, and offers enterprise deployment features such as single sign-on and role-based access controls for larger environments.

Traceforce targets enterprise organizations that need visibility and control over fast-spreading shadow AI, including teams supporting large companies with strict compliance requirements. The company references compliance certifications such as ISO 27001 and SOC 2. It has been developing TraceGraph, a real-time AI activity graph built from telemetry collected on endpoints, and a related agent SDK for custom security use cases, reflecting a focus on giving security teams continuous insight into how AI is actually being used.