CogniWatch
CogniWatch
Connecting to observatory…
AI Agent Security Observatory
CogniWatch continuously scans the internet for autonomous AI agents — identifying frameworks like AutoGen, CrewAI, LangChain, n8n and more before they become security risks. Traditional security tools focus on known threats. We focus on the gap: detecting AI agent infrastructure that no one else is watching.
Agents Detected
Loading…
Frameworks
Loading…
Sentinel Score
🛡
Loading…
Scanner Status
Loading…
🛡 Top Vulnerabilities
See all on Sentinel →
⊙ Recent Detections ● Live
IP Address ↕ Port Framework Confidence ↕ Trust ↕ Risk Last Seen
📡

Live Activity Feed

● LIVE
Live updates paused — showing recent detections
⬡ Risk Distribution
◎ Framework Distribution
🛡
Sentinel Security Command
Continuous security posture assessment across all discovered AI agent infrastructure. Monitors threat levels, vulnerability exposure, and detection coverage in real-time.
Threat Score
Lower is better
Coverage
% of known ranges scanned
Agents Monitored
Total under observation
🔒 Security Assessment
🛡 Known Vulnerabilities
Checking CVE database…
📊 Detection Confidence Histogram
📈 Detections Over Time
Network Topology
Geographic and port distribution of detected AI agent infrastructure. Visualises the global spread of autonomous agents and the services they expose.
Agent Network Map
🌐 Geographic Distribution
🔗 Port Distribution
All Detected Agents
Complete inventory of every autonomous AI agent detected across the internet. Search, filter, and export the full dataset for analysis.
IP Address ↕ Port Framework Confidence ↕ Trust ↕ Risk Sentinel Evidence Last Seen
🔌
MCP Intelligence & Protocol Analysis
The Model Context Protocol (MCP) is the emerging standard for AI agent tool integration. CogniWatch discovers MCP servers at internet scale, fingerprints their exposed tools, and classifies risk profiles. Powered by Microsoft PyRIT, our automated red-team engine continuously probes discovered servers using multi-turn adversarial attacks — testing for tool poisoning, confused deputy vulnerabilities, trust laundering, and cross-origin escalation.
🔎

MCP Server Discovery

scanning...
HostPortConfidenceTransportRiskLast Checked
🔍

MCP Capability Fingerprinting

Loading capability data...
🐾

PicoClaw Gateway Intelligence

● LISTENING
Loading PicoClaw data...
☠️

Tool Poisoning Detection

PyRIT Crescendo scanning...
Loading poisoning analysis...
🎭

Confused Deputy Detection

PyRIT TAP scanning...
Loading deputy analysis...
⚔️

PyRIT Red Team Intelligence

Powered by Microsoft PyRIT SCANNING
Loading red-team intelligence...
Validated Findings
Active probe results — confirmed exposures from non-invasive testing
Confirmed Findings
Affected Hosts
Total Probes Run
Confirm Rate
Latest Batch: | | targets probed Non-invasive GET-only probes · No exploitation · No remediation
Confirmed Findings
Severity Framework Host Probe HTTP Version
Loading validated findings...
Probe Batch History
Batch Time Targets Probes Confirmed Errors Rate
Loading batch history...

🟢 Detection Status Overview

Live
Stale
Inconclusive
New
Archived
— live / — total —%

By Framework

Confirmed Live (Top 10)