Quick Start
Code Agent Control Plane is Highflame's governance layer for AI coding assistants. It sits alongside your IDE, not in the network path, and watches every prompt, tool call, file operation, shell command, and MCP interaction in real time. Developers keep their normal workflow. Security and platform teams get visibility, policy enforcement, and an audit trail across the organization.
The Highflame Difference
Most AI security products were designed for chatbots and retrofitted to coding agents. Code Agent Control Plane was built for code agents from day one. That shows up in three places:
No gateways. No proxies. No added latency. Guardrails run on the developer's machine through the IDE's own hook system. There is no traffic to reroute, no certificate to install, no VPN to maintain, and nothing in the request path that can slow developers down or break when it's down. Optional AI-powered semantic checks run remotely and are opt-in at the organization level.
Built for code agents, not retrofitted. Because we live inside the agent's hook surface, not between it and the model, we see things gateway products can't: which MCP servers a developer connected to, which tools each server exposes, the actual file and shell operations the agent is about to run, and the prompts that triggered them. That's what makes meaningful discovery and tool-level policy possible.
Discover first, then govern. Code Agent Control Plane gives administrators a real inventory of the AI assistants, MCP servers, and tools in active use across the organization before asking them to write a single policy. Decisions are grounded in observed usage rather than guesses.
What You Get
Discover
See every coding assistant, MCP server, tool, and skill in use across the organization, and who is using what.
Govern
Enforce policies on prompts, tool calls, shell commands, and file operations in real time. Run in audit mode to log without blocking, or enforce mode to stop violations before they execute.
Defend
Layered detection: rule-based patterns for secrets and known-bad commands, Cedar for policy-as-code, and optional semantic AI-powered checks for prompt injection and contextual threats.
Protect
Scan MCP servers configured in developers' IDEs for tool poisoning, indirect prompt injection, path traversal, tool shadowing, and other supply-chain risks, before they reach production work.
Key Features
IDE-agnostic: One install. Universal hook integration. No IDE plugin or extension to maintain.
Zero lock-in: Uses each IDE's native hook configuration. Uninstalling removes the hooks cleanly.
Studio dashboard: Organization-wide view of code agent usage — sessions, threats, MCP scans, command analysis, and policy decisions — in Highflame Studio.
Cross-product correlation: Code agent events also flow into Observatory, where they can be correlated with gateway, browser, and other agent activity for the same user or session.
Who It's For
Security teams and administrators who need to enforce guardrails, monitor threats, and produce an audit trail for AI usage on developer workstations.
Developers and AI engineers who want to keep using their preferred AI coding assistant — Cursor, Claude Code, Copilot, Gemini, Codex — without changing how they work.
Platform and DevOps teams who need a clean install, sensible defaults, and CLI-driven configuration that fits existing tooling.
Supported Code Agents
Code Agent Control Plane works with the AI coding assistants that developers are actually using today:
Cursor: Native hooks
Claude Code: Native hooks (also available as a Claude Code plugin)
GitHub Copilot: Per-repository hooks
Gemini CLI: Native hooks
OpenAI Codex: Native hooks
Windsurf: Native hooks
Tailscale Aperture agents: Webhook integration (covers Roo Code, Cline, Continue, and other Aperture-routed agents)
Next Steps
Installation Guide — get Overwatch running on developer workstations
Code Agent Policies — define and deploy guardrails across your organization
Discovery and Metrics — see what's actually running in your environment
Threat Response — triage and respond when something fires
† AI-powered semantic analysis runs remotely and is optional. Administrators control whether it's enabled for the organization. All other guardrails run locally on the developer's machine.