Documentation Index

Fetch the complete documentation index at: https://knowledge.catonetworks.com/llms.txt

Use this file to discover all available pages before exploring further.

Understanding Scouts and Agent Controls

Prev Next

Overview

Together, Scout, Agent Controls, and Agent Policy help security teams move from discovering local AI coding tools, to observing agent activity, to enforcing organizational standards for secure AI-assisted development:

  • Scout is Cato AI Security’s endpoint discovery solution for local AI coding agents. It answers a key security question: What AI tools are developers using on their machines? Scout scans developer workstations to identify locally installed AI-powered development tools and give security teams visibility into AI tool adoption across the organization.

  • Agent Controls extend this visibility into agent interactions by providing event-triggered integration points for local AI coding agents. When supported agent activity occurs, such as a user message, tool call, tool response, or MCP-related interaction, Agent Controls surface the event to Cato AI Security so it can be evaluated using Agent Policy.

  • Agent Policy can govern what users are allowed to send to coding agents, which tools or MCPs agents are allowed to use, and what action to take when activity matches a rule.

Supported OS

  • macOS, Windows, and Linux

Deploying Agent Controls via Scout Settings

Configure Scout Settings before deploying Scout to endpoints. These settings determine whether Agent Controls are deployed with Scout and which users or groups receive their enforcement.

Agent Controls provide event-triggered integration points for local AI coding agents. They allow supported coding-agent activity to be surfaced to Cato AI Security for visibility and Agent Policy evaluation.

When Enforcement is enabled, Scout enforces Agent Controls on detected AI coding tools. This allows Cato AI Security to receive supported agent events, so those events can be evaluated using Agent Policy.

The Enforcement Policy controls which users or groups receive Hooks enforcement. Select specific users or groups to limit enforcement to those identities. If the enforcement policy is empty, Agnet Controls enforcement applies to everyone.

To deploy Agent Control and configure the enforcement policy:

  1. From the CMA navigation menu, click AI Security > Integrations.

  2. From the navigation menu, click AI Security > User Interaction Policy.

  3. Navigate to the AI Security > Scout page and click Settings.

  4. Click the Enforcement toggle to enable enforcement.

  5. Optional: Define which users and groups the Agent Control enforcement applies to.

Deploying Scout

Deploying Scout does not require TLS inspection, a network proxy, or a browser extension. Scout operates at the endpoint level and can be deployed through an MDM or endpoint management solution.

Before deploying Scout, configure Scout Settings to determine whether Hooks are deployed and which users or groups receive Hooks enforcement.

To deploy Scout:

  1. Navigate to AI Security > Scout.

  2. Optional: Configure Scout Settings to determine whether Hooks are enforced as part of the Scout deployment.

  3. Click Install.

  4. Copy the installation script and deploy it to target endpoints using your MDM or endpoint management solution, such as Kandji, Intune, Jamf, or an equivalent tool.

  5. In the third-party solution, schedule the script to run periodically. We recommend running it every 6 hours.

    Every time the script runs it updates the Scout and pulls new AI usage data.

Working with Scout

The Scout page provides visibility into Scout deployments across developer endpoints. It helps security teams understand where Scout is installed, which endpoints are actively reporting, and whether those endpoints are configured with inline Hooks for local AI coding-agent interactions.

Scout Page Widgets

Widget

Description

Scout Activity

Shows Scout activity over the last 30 days, including the number of active Scouts.        

Identified Users

Shows the number of users identified by Scout over the last 30 days.        

OS Distribution

Shows the distribution of Scout installations by operating system.        

Daily Scouts Installed

Shows the number of Scout installations detected per day over the last 30 days.        

Scout Installations Table

Field

Description

Scout ID

Unique identifier for the Scout installation.

User

User associated with the Scout installation, when available.        

Hostname

Hostname of the endpoint where Scout is installed.

Inline Hooks

Indicates whether inline Hooks are detected or configured for the endpoint.        

OS

Operating system of the endpoint.

First Seen

Date and time when the Scout installation was first detected.        

Last Seen

Date and time when the Scout installation last reported activity.        

Supported Coding Agents

  The following sections list the coding agents and coding agent controls that   can be detected by Cato AI Security.

Coding Agent Discovery

  • Claude Code

  • Cursor

  • Codex

  • OpenClaw

  • Claude Cowork

  • Google Antigravity

  • PyCharm

  • IntelliJ IDEA

  • Junie

  • JetBrains

  • Windsurf

  • Copilot

  • VS Code

Coding Agent Controls

  • Claude Code

  • Cursor

  • Codex

  • Many More to Come