We Compared 6 AI Coding Tools on Security. The Gap Between #1 and #2 Is Alarming.
One tool has 50 admin-controlled security settings deployable via MDM. Two tools have literally no documented MCP governance at all. One tool can’t even let admins disable telemetry. I spent two weeks digging through every piece of public documentation across six agentic coding tools — not marketing pages, not whitepapers, but actual config files, API docs, privacy policies, and security certifications. What I found was a landscape where the distance between best-in-class and “we’ll figure it out later” is measured in light-years, not inches. ...