Harmonic MCP Gateway for agentic workflows .

Impact

  • Delivered a new MCP gateway security capability to address an emerging market gap — securing sensitive data in agentic AI workflows where competitors were beginning to enter.

  • Secured three new customers, including beta participation from existing clients, validating early product-market fit.

  • Positioned Harmonic ahead of competitors and expanded coverage of the AI security stack, supporting long-term market share growth.

  • Delivered a new MCP gateway security capability to address an emerging market gap — securing sensitive data in agentic AI workflows where competitors were beginning to enter.


  • Secured three new customers, including beta participation from existing clients, validating early product-market fit.


  • Positioned Harmonic ahead of competitors and expanded coverage of the AI security stack, supporting long-term market share growth.

Problem

MCP agentic workflows are emerging and largely invisible to security teams. As a result, employees may unintentionally share sensitive data with unregulated MCP servers, creating significant organisational risk.

Challenges

  • MCP is a new area for the industry, and our engineering teams had no prior hands-on experience, we had to build knowledge collaboratively while developing the product.

  • Prospective customers were already asking for MCP visibility and controls, but their own understanding was limited, which meant early discovery conversations provided incomplete insights.

  • Given the tight timeline for a new product, we made informed assumptions to get started and refined decisions as design and development progressed

• This was Paddles first B2C product offering, which meant we had complexities around storing payment methods, customer details and authentication


• It needed to be fully responsive and mobile first?


• There was no team in place to deliver this at the start. It was just myself and a Senior PM.

Solution

The MCP Gateway is a self-contained product within the Harmonic Security platform, accessible via the customer portal. It is currently positioned as an MVP and available to a small group of early beta customers.

The Harmonic MCP Gateway provides visibility into interactions between MCP servers (e.g., GitHub, Notion), MCP clients (e.g., Cursor, Claude), and end users, typically developers. It enables organisations to monitor usage and enforce AI policies by allowing or blocking access based on role, risk, or policy controls directly from the portal.

Built a new product within Harmonic's Customer portal

Allows customers to monitor MCP Server and Client usage

Raise alerts for sensitive data detection's by MCP

Configure groups of Employees who have custom access to MCP

Solution

A mobile first customer portal which allows our customers, customer to self manage their subscriptions.

A mobile first customer portal which allows our customers, customer to self manage their subscriptions.

The customer portal needed to work out of the box and be accessible to a global audience on any device, anywhere. By allowing the buyers (our customers, customer) to self manage their subscriptions it would allow sellers (our customers) to free resources on developing their business instead of managing subscriptions.

Discovery and learnings

Early wireframes, concepts and Claude.

Early wireframes, concepts and Claude.

We worked at pace, creating early wireframes based on initial assumptions drawn from our limited domain knowledge and early input from prospective customers. These concepts were translated into user flows and iterated quickly through multiple internal design reviews with product, engineering, and other stakeholders. As each area of the product was new to both the team and the market, we adopted a highly collaborative, learn-as-we-go approach.


I also began using Claude more independently as a design assistant by training it with security analyst personas and realistic organisational scenarios. This allowed me to simulate how different user types might interpret alerts, policies, and workflows, and to test early concepts before formal reviews. I used it to generate edge cases, challenge assumptions, and explore alternative interaction patterns, which helped accelerate iteration speed and improved the relevance of our designs for real security team contexts.

We went from nothing to a working MVP in less than 3 months

I used Claude as an assistant to help iterate some flows and concepts before refining

Early iterations, concepts and ideas

Final designs

Mark Slater 2025