DATA + AI SUMMIT ![Image 5: Data+ai summit promo JUNE 15–18|SAN FRANCISCO Last chance to save 50% — ends April 30. Register](http://www.databricks.com/dataaisummit?itm_source=www&itm_category=home&itm_page=home&itm_location=navigation&itm_component=navigation&itm_offer=dataaisummit)

1. Blog 2. / AI 3. / Article

Contents in this story

Security and Compliance for Coding Agent, MCP and LLM Interactions

Governing Coding Agent Sprawl with Unity AI Gateway

Securely deploy, manage, and scale AI coding tools across your organization with centralized governance, observability, and cost controls

Published: April 17, 2026

AI5 min read

by Aarushi Shah, Ankit Mathur, Bilal, Kevin Stumpf, Rohit Agrawal, Harish Gaur and Ana Nieto

Share this post

[](https://www.linkedin.com/shareArticle?mini=true&url=https://www.databricks.com/blog/governing-coding-agent-sprawl-unity-ai-gateway&summary=&source=)
[](https://twitter.com/intent/tweet?text=https://www.databricks.com/blog/governing-coding-agent-sprawl-unity-ai-gateway)
[](https://www.facebook.com/sharer/sharer.php?u=https://www.databricks.com/blog/governing-coding-agent-sprawl-unity-ai-gateway)

Keep up with us

#### Summary

Securely govern coding agents with centralized audit and MCP controls
Unify costs across tools with single budgets and transparent billing
Get full visibility into adoption, usage, and effectiveness with built-in observability

Software development has entered a new era. The best engineering teams are now shifting development from human-driven to agent-driven. All organizations should be aggressively looking to deploy these new 10x engineers as broadly as possible but they are concerned about governing and monitoring adoption. For coding against to be successful, they need access to sensitive company data such as engineering tickets, design documents, and customer issues, and organizations fear the security risks and runaway costs of ungoverned and unmonitored adoption.

Today, we’re introducing the Coding Agent Support in Unity AI Gateway. Our goal is to deliver coding tool freedom for developers and unified governance for admins.

**AI Coding Agent Sprawl**

Opus 4.6, Composer 2, GPT-5.4, Kimi-2.5, Gemini 3 Pro -- new models are released every week that reshape the frontier of cost and quality. Coding tools themselves are also constantly evolving, and software developers want choice, For example, within Databricks, our software developers flexibly mix usage between Cursor, Codex, Claude Code, and others -- often using multiple tools at the same time! Adopting multiple coding tools is a business necessity, which then introduces key challenges for administrators trying to move fast to support developer productivity with multiple tools.

Image 8: Coding agent sprawl slows AI deployment

Coding agent sprawl slows AI deployment in your org

Security, data privacy, and cost reviews for new tools can slow teams down. In addition, these AI coding tools require much stronger due diligence for several reasons:

**Security Risk: MCPs can give agents access to sensitive data**

MCP tools are most useful when they have access to critical data within your organization, so it’s easy to accidentally make them the most privileged developer in your organization. How do organizations audit and govern agent’s access to data?

**Cost Explosion: Agent costs are exploding**

With AI usage growing, agent costs are becoming a top R&D cost driver. Access to AI and flexibility of tools needs to be balanced with reasonable cost guardrails. How can admins ensure effective cost controls across multiple tools?

**Visibility Gap: Executives lack visibility into tool adoption**

With the expanding capabilities of these tools, organizations are racing to adopt AI. To scale AI across an organization, measurement is critical to identify the key blockers. How can executives easily see who is using AI if everyone’s using a different tool?

So, how can organizations move fast to enable AI productivity while ensuring data privacy and cost visibility?

**Introducing Coding Agent Support in Unity AI Gateway**

To simplify this, we are introducing the coding agent support in Unity AI Gateway, a unified governance hub for popular coding tools like Codex, Cursor, and Gemini CLI**.**Our gateway unifies access controls, usage statistics, operational observability, cost management, guardrails, and inference capacity into a single platform, giving you centralized control over your AI agents.

**Pillar 1: Centralized Security and Audit**: All agent data access can be centrally governed with all audit logs in Unity Catalog with MCP servers managed in Databricks and centralized tracing with MLflow.
**Pillar 2: Single Bill and Cost Limits**: Admins can set cost limits that apply across whichever tools developers want to use. With capacity from Foundation Model API, which offers first-party inference for all popular models, admins get one all-in bill from Databricks.
**Pillar 3: Full Observability in the Data Lakehouse:**Critical data like lines of code written per user, cost per month per user, and more are all automatically ingested into your Data Lakehouse, alongside the rest of your critical data.

Security and Compliance for Coding Agent, MCP and LLM Interactions

AI Gateway unifies security governance across coding agents, LLM interactions and MCP integrations. Your development workflows run on the same trusted platform as your analytics and AI, with centralized controls

**Data privacy**: We ensure your private data stays within the Databricks security perimeter.
**Audit-ready logging:** Automatically capture traces in Unity Catalog for compliance and security reviews.
**Single identity across all services**: Developers authenticate once with Databricks credentials for all tools—GitHub, Atlassian, and others—with no separate logins per service. This securely connects agents to critical data sources while enforcing consistent governance.

By unifying all integrations, including coding agents and MCP tools, organizations can centralize logging, enforce policies, and monitor usage across the entire ecosystem, ensuring consistent security and compliance.

Simplify cost management and billing

Databricks’ Foundation Model API provides inference for OpenAI, Anthropic, and Gemini models, and the best open source coding models like Qwen in a single platform. The Gateway also lets you bring external capacity in, expanding governance to all your tokens, regardless of where they flow.

This means your coding tools can connect to the same capacity as your other agents, and costs are centralized into a single bill and observability platform! Foundation Model API offers day one launches for every frontier LLM model, so developers can use the newest, best models that are coming out immediately.

With our centralized Gateway, admins can stop switching tabs between admin consoles to control rate limits and budgets for every single coding tool. Instead, organizations can give developers a single budget across _all_ coding tools to burn down on _their_ agent of choice!

REPORT

The agentic AI playbook for the enterprise

Read now

Unified Observability for AI Coding Tools

By treating AI coding tool usage data as a first-class citizen in Unity Catalog alongside your enterprise datasets, you gain a unified, governed framework for deep operational intelligence. This ensures all coding activity is auditable, secure, and ready for automated workflows.

With our OpenTelemetry ingestion, coding tool metrics and traces are automatically centralized to Unity Catalog-managed Delta tables.

With all the data landing in the Lakehouse, enterprises are finding creative ways to combine usage data with their business’ ontology.

**Track adoption per org**: Join AI Gateway metrics with Workday to map GenAI adoption by department, region, or seniority, helping identify where to target enablement.
**Quantify Developer Velocity**: Measure the tangible impact of AI assistance on output.

Example: "A 20% increase in token usage per developer drove a 15% reduction in pull request cycle time, directly linking AI tool usage to increased developer velocity."

**Proactive Capacity Planning**: Monitor users hitting rate limits to data-justify securing additional capacity or dedicated throughput before productivity is throttled.

**What Our Customers Are Saying**

We have been working to get visibility into our coding tool usage across teams. We need a centralized way to monitor spending, manage token budgets, and catch anomalies before they become costly problems. We look forward to leveraging AI Gateway’s monitoring capabilities to give us the control and transparency we need to scale AI responsibly. — George Torres, Senior Director of AI Engineering, First American

As we broaden adoption of AI coding tools to support hundreds of developers across regions, we are counting on AI Gateway to provide native support for experimental features and advanced tooling including web search and large-context models. We need a unified platform that seamlessly enables beta capabilities and provides real-time usage dashboards, so we can scale AI development with confidence while maintaining rigorous governance and compliance across our healthcare analytics organization. — Iyibo Jack , Chief Product Officer, Milliman MedInsight

Get Started

Starting today, the AI Gateway for coding tools is available for all Databricks customers. **Cursor**, **Gemini CLI** and **Codex CLI** support are ready for immediate use.

Check out the documentation to get started.

Keep up with us

Contents in this story

Security and Compliance for Coding Agent, MCP and LLM Interactions

Recommended for you

Image 12: Build with GPT-5 on Databricks with AI Gateway

Platform

August 7, 2025/3 min read

#### Build with GPT-5 on Databricks with AI Gateway

Image 14: Announcing Advanced Security and Governance in Mosaic AI Gateway

September 9, 2024/5 min read

#### Announcing Advanced Security and Governance in Agent Bricks AI Gateway

Image 16: Securing the Future: How AI Gateways Protect AI Agent Systems in the Era of Generative AI

Security and Trust

November 14, 2024/4 min read

#### Securing the Future: How AI Gateways Protect AI Agent Systems in the Era of Generative AI

Share this post

[](https://www.linkedin.com/shareArticle?mini=true&url=https://www.databricks.com/blog/governing-coding-agent-sprawl-unity-ai-gateway&summary=&source=)
[](https://twitter.com/intent/tweet?text=https://www.databricks.com/blog/governing-coding-agent-sprawl-unity-ai-gateway)
[](https://www.facebook.com/sharer/sharer.php?u=https://www.databricks.com/blog/governing-coding-agent-sprawl-unity-ai-gateway)

Never miss a Databricks post

Subscribe to our blog and get the latest posts delivered to your inbox

Sign up

Country*

By clicking “Subscribe” I understand that I will receive Databricks communications, and I agree to Databricks processing my personal data in accordance with its Privacy Policy.

What's next?

We Care About Your Privacy

Databricks uses cookies and similar technologies to enhance site navigation, analyze site usage, personalize content and ads, and as further described in our Cookie Notice. To disable non-essential cookies, click “Reject All”. You can also manage your cookie settings by clicking “Manage Preferences.”

Manage Preferences

Reject All Accept All

Privacy Preference Center

Opt-Out Preference Signal Honored

Privacy Preference Center

### Your Privacy
### Strictly Necessary Cookies
### Performance Cookies
### Functional Cookies
### Targeting Cookies
### TOTHR

#### Your Privacy

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

#### Opting out of sales, sharing, and targeted advertising

Depending on your location, you may have the right to opt out of the “sale” or “sharing” of your personal information or the processing of your personal information for purposes of online “targeted advertising.” You can opt out based on cookies and similar identifiers by disabling optional cookies here. To opt out based on other identifiers (such as your email address), submit a request in our Privacy Request Center.

More information

#### Strictly Necessary Cookies

Always Active

These cookies are necessary for the website to function and cannot be switched off in our systems. They assist with essential site functionality such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will no longer work.

#### Performance Cookies

[x] Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

#### Functional Cookies

[x] Functional Cookies

These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

#### Targeting Cookies

[x] Targeting Cookies

These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant advertisements on other sites. If you do not allow these cookies, you will experience less targeted advertising.

#### TOTHR

[x] TOTHR

Cookie List

Consent Leg.Interest

[x] checkbox label label

[x] checkbox label label

[x] checkbox label label

Clear

- [x] checkbox label label

Apply Cancel

Confirm My Choices

Allow All

![Image 30: Powered by Onetrust](https://www.onetrust.com/products/cookie-consent/)

!Image 32!Image 33

问问这篇内容

回答仅基于本篇材料

Skill 包

领域模板，一键产出结构化笔记

论文精读包
把一篇论文 / 技术博客精读成结构化笔记：问题、方法、实验、批判、延伸阅读。
- · TL;DR（1 段）
- · 研究问题与动机
- · 方法概览
投融资雷达包
把一条融资 / 创投新闻整理成投资人视角的雷达卡：交易要点、判断、竞争格局、风险、尽调清单。
- · 交易要点（公司 / 轮次 / 金额 / 投资人 / 估值，材料未明示则写 “未披露”）
- · 投资 thesis（这家公司为什么值得关注）
- · 竞争格局与替代方案

导出到第二大脑

支持 Notion / Obsidian / Readwise

下载 Markdown（Obsidian 直接拖入）

Governing Coding Agent Sprawl with Unity AI Gateway