---
title: "Product Spotlight - AI-Native Development and Compliance with Ketryx MCP"
type: webinar-transcript
publisher: Ketryx
source: "https://fast.wistia.net/embed/iframe/2fhr17kpse"
content: auto-caption transcript, proper-noun corrected
---

# Product Spotlight - AI-Native Development and Compliance with Ketryx MCP

*Ketryx webinar — transcript of the recorded session.*

[▶ Watch the recording](https://fast.wistia.net/embed/iframe/2fhr17kpse)

---

Well, welcome everyone. As you come in here for today's product spotlight, we will have a Q and A open. So feel free to shoot questions in there that we'll cover live. And then we'll also, of course, have a feedback survey at the end. So always helpful to get your input and feedback that helps us continually improve this content.

Purpose of these product spotlight webinars is really to show you a glimpse into a specific set of features applied to a specific set of use cases for how you can either you know, if you're new to Ketryx, learn about a little bit deeper of the functionality. Or if you're currently a customer or a Ketryx user, how you can continue to evolve the way you're using the platform. So with that, we'll do quick introductions and then we'll jump into a little bit of an overview of Ketryx, intro to MCP, and then we'll jump into a few different platforms to show you how you can interact with Ketryx through model context protocol. So I'm Gabriel Pasquale. I'm the head of product here at Ketryx.

Started my career in cybersecurity working at a company called the MITRE Corporation. So a lot of focus on embedded systems and cyber physical systems. I then went on and worked at Amgen applying AI on the quality and reliability side within manufacturing and ran into this problem of applying software automation and AI in a regulated industries. I found my way to Ketryx and have been here for the last three years helping folks accelerate their software and product development life cycles. So with that, I'll transition to Megan.

Hi. My name is Megan Menino. I am a technical product marketing manager here at Ketryx. My experience is heavily rooted in med tech development. For over six years, I was a systems engineer supporting the development of FDA class one through three devices all the way from early product definition to design transfer.

Six of the products that I work on are on the market. So the challenges of getting a product from concept to on the market is something that I understand very deeply and utilizing the tools. And I leverage that experience to help convey what Ketryx has to offer to our customers as well as support Gabriel and his team in understanding our customer experience to inform the road map and how we can use products like MCP and other tools. And I really love, Megan, collaborating with you on the MCP in general because there's so many of these use cases that come up where you're like, oh, you know, back at my time when I was asking this question, it would have been so helpful to just delegate this task to an assistant that could go out and look at my sign history file. So we'll see a little bit of that today.

Before we jump in and talk a little bit about MCP, for those that have not dug into sort of the problem that Keptrix is focused on, it's really that of a fragmented life cycle that we're all trying to grapple with as we develop software and AI systems. You have a set of functions that operate often across a set of different tools. We we often like to call it the the tooling valley. A valley between sort of these modern software development tools like Jira, GitHub, AWS, Azure DevOps, and then tools that are meant for compliance requirements management and documentation. And we often find that teams are spending their time going between these systems and doing three core things.

The first is copying information from systems into documents. The second is from systems to other systems. And the third which is I would say the most pernicious of them all is manually verifying that processes have been executed correctly. Which involves oftentimes many meetings, emails, and other types of synchronous activity that requires many stakeholders. When Ketryx enters the picture, what we enable teams to do is create a connected system across these different life cycle tools which allows you to one, automatically generate evidence of compliance while you work on those tools.

And in addition, enforce a process across these set of tools. So solving those first two pain points as well as the third around manual verification of your process. In addition to that, we add AI on top of this layer that allows you both to launch agents that are ambient and then the background that will surface insight and surface gaps for you automatically in addition to ways to connect externally to other AI systems that you probably are already or will soon be using within your workflow today. And that gives us a bit of a segue into an introduction of model context protocol and or MCP, which will then be a good layer into our demos. Megan, take it away.

Thank you. So as Gabriel mentioned, Ketryx starts with this knowledge graph. We unify data across the tools that you and your team use, including Jira, GitHub, Jama, Polarion. Whatever your teams use to support development, there's a single source of truth created across them. Now what Ketryx MCP does is it exposes the data from your end to end traceability to your preferred MCP compatible tool.

That could be Claude. It could be Cursor, and essentially offers the insights of that end to end traceability as well as your quality management system into that AI tool, really bringing the intelligence of Ketryx everywhere that you work. And rather than needing to jump into multiple tools to understand, is my requirement ready? Are we ready for release? How is my compliance going?

A single point can be utilized to understand these questions. Gabriel, is there anything else you wanna add here? No. I I well, maybe one thing which I I think that we're we're all sort of on this AI journey together. Things are changing really fast.

And one of the I think there's two big problems that we're trying to solve here. I think the first from an enablement perspective of how we learn these things, what are the potential use cases? How can we actually incorporate these technologies into our workflow? And then the second is how we do that safely? I think one of my, you know, maybe favorite or, you know, I think an important story that I heard yesterday at the conference was, hey, you know, I have I think it was like my niece works at one of the top, you know, tech companies and she was working on she was working with an agent to respond to a support ticket and she said something like, hey, can you look into the support ticket?

And they have very advanced AI there and the agent just went out and responded to the ticket, you know, for without approval. And in that case, you know, we do wanna leverage these technologies but we wanna find a way to leverage them safely, keep a human in the loop loop, and where required ensure there's a human approval. So I think we can think about those two themes as we sort of move through this session and the future sessions we do around applying AI within the product. Totally. I think that's a great point.

Alright. So before I show MCP, I do wanna give the context of the project that we'll be asking questions about. Here, you can see there's a project that I put together. It's for continuous glucose monitor, remote monitoring system. We have a full set of requirements.

There maybe are some gaps, but we'll explore what that looks like through engaging with the MCP and various tools. So let's get started. So here I'm in Claude, which a lot of our team uses, but my understanding is that a lot of folks in the industry are starting to adopt this more. So let's say I'm on a team and we're looking to develop a software product, in this case, the continuous glucose monitor. And I'm looking to understand what our IEC six two three zero four compliance is.

And maybe I wanna look at this on a regular basis. I can create a scheduled Claude task that helps evaluate my team's readiness for compliance to IEC six two three zero four on a regular basis. Right now, Claude is interacting with my Ketryx end to end traceability as well as my quality management system, which outlines the requirements per six two three zero four to help identify what the gaps are. We'll add in a few more tasks here so they can think in parallel. As Gabriel mentioned, we can also leverage our MCP connector to look at release readiness.

In this case, I'm going to look at items that are assigned to me and ask it to provide me a daily update of the things that I need to be working on. And let's say that we are looking for things across a project and looking to identify if there's a go, no go. We can also set up a task for that. So in this case, it's looking at requirements approval, our test case coverage, any anomalies, flagged risks, and our soup to understand if we're ready to go or not for an overall release and highlighting specific blockers so we can communicate that across our team and to leadership as applicable. So now our six two three zero four report is ready, and we start off by seeing this overall status check.

So here, we can see that there's maybe some yellow zones here related to traceability and test coverage and anomaly management, that there's some requirements that are orphaned, and then maybe some test cases that also don't have direct requirements associated with it. But we also can see here some specific risks around risk management, soup, and our approval status. Now from here, I get a complete picture of the details of each of these, understanding the specific orphaned items, where my test coverage is a bit behind, where my risk management stands. And very quickly, I can understand the overall status of my project. And reflecting on my own experience as a systems engineer, when I was working in a technical leadership role, I often would have to compile reports like this manually on a weekly basis to share with my leadership team so they understood where we were and understood the cross functional risks that existed.

Now rather than me needing to go into multiple documents, look at my COs, in a matter of minutes, I can quickly understand how this is done and even turn it into an automated task that can run on a weekly basis and maybe even send an email directly to that person so it's in their inbox Monday morning when they start working. This is definitely something that I would have loved to use during my time as a systems engineer. Yeah. And I think it reflects it's it's really interesting, Megan. I think one of the other topics I'm like, topics yesterday.

There was so much going on at the conference. I think that one of the other big topics was sort of how can you, as a team, start to encode these types of checks or reports or analysis into your workflow. So we, you know, we support with a bunch of different MCP tools, so capabilities that Claude can leverage against the platform, things like their release readiness tool that we'll look at next. But a lot of this has to do with what are those types of things that you wanna check at the particular phase of the program. And that's something that we work closely with our enterprise customers on in looking at their end to end life cycle and finding ways to add tailored agents that can support and accelerate particular moments in their product life cycle.

So why don't we go into this morning readiness view next? Release readiness is still thinking. So let's say I'm an individual contributor looking to understand what maybe I need to work on next. Now for this specific project, I might not be directly assigned to anything that requires my immediate attention, but there are some traceability gaps that I need to keep in mind. And by working with this daily prompt, I can utilize it as a briefing to understand where to draw my attention for the day as well as the most significant risks.

And I think something that this can be taken to beyond it is understanding across a team where the potential flags of technical risk as well as timeline risk are associated. And daily tasks like this can be really supportive to orient, work to align with goals, and help derisk programs quickly. Now our release readiness run is done. And in this case, this isn't surprising based on what we just talked about, but the verdict is that we're not ready to release. And as we saw before in our six two three zero four design control readiness, there were some gaps.

And these are also highlighted here. So the app the MCP is actively and consistently providing the same flags across multiple prompts at demonstrating a consistent output that's grounded in that end to end traceability as well as the context of my quality management procedures and applicable standards that I'm thinking about. And it doesn't just stop with this high level verdict. It goes into more detail to help me understand what the specific issues are. In this case, there's unapproved requirements.

We got some test cases we need to run, and then there's risk gaps. So from here, not only do I have the context of what the overall status is, but I also have the information for me to understand and communicate the gaps. So as a team, we can work together to close them. Exactly. And the other thing that you can see here, I would say just conceptually, is we're leveraging generative AI to understand what those gaps are.

But, like, Megan, like what you're saying, it's all grounded in in data and deterministic controls from the platform. So, you know, you have more trust in the information that's coming out because it's grounded in controls that have been validated within the platform. Obviously, still concerns, right, around hallucination and and what the generative AI model can do once it receives the context, but Ketryx can at least guarantee that the right context is being provided to the to the model. Definitely. So when we think about, like, how we can apply this, it doesn't just live within our Cloud Code.

We can also bring it to the places that we collaborate and connect with other teammates. So some of you might be using this in your workflow, but Cloud also can be integrated into your Slack environment. So let's say I have a team member or and Gabriel, feel free to jump in whenever you want. A team member oh, go right ahead. Oh, no.

I was gonna say, like, you know, in this case, maybe, you know, we're not building a CGM at all. Often have questions around requirements of our product. Maybe it's, you know, requirements that have a feature that's going into the next release, and we are often, you know, asking these types of questions even though we're not necessarily ourselves developing a medical device, which I think is where you were going, Megan. Absolutely. We're like, there's always these questions.

Do we get a requirement for that? Do we do our test cases? What happens if I think about changing this? And this creates a direct interface for us to ask about it. The the demo gods are are not on our side.

I think one of the while you while you troubleshoot this. Go for it, Gabriel. I think one of the, I think, interesting things particularly around something like a Slack integration and and something that we've experienced internally not just for design control related questions, just documentation questions, questions about the company overall, is that bringing this type of knowledge source to where people work helps build that cultural muscle on leveraging AI for these types of tasks. So it's not just around having a tool that can answer a question, but it's also helping everyone within the organization learn a new way to answer questions. And by bringing this sort of connection to your design controls into the place where teams are collaborating, they start to build in that habit of, oh, I don't need to go.

You know, maybe I will double check with this SME, but let me start by going and doing a first level of research before I engage someone that's probably focused on, you know, a hundred other things. So we're seeing a really interesting approach and impact of bringing this within collaborative workflows. Definitely. Yeah. I love what you're saying, Gabriel, about, like, bringing the information to where people collaborate and making it almost a it's a cultural shift in the way that we think about approaching these things.

Maybe them rather than needing to go schedule a meeting, we can leverage forums like Slack and Teams to help us answer these questions. So the demo gods are now in our favor. And here, we can see that my question around this requirement is that there is one. So Claude has been able to connect to my Ketryx environment and help understand what the requirement is as well as the acceptance criteria associated with it. It also highlights some specific gaps that I might wanna consider.

And I think that this can be really helpful when we're looking to understand maybe potential requirements changes or making sure that we have coverage, especially there's been cases where I've gone and talked to clinicians, and we learn about an edge case that I hadn't thought about before. And I think something like this, especially being out in the field in a hospital and then being able to engage with Claude and ask these questions, could give me quick insights to know, did we cover this, or do I need to flag my teammate to so we can follow-up and maybe figure something out together? There was Mega, there was one one piece from a speaker yesterday that was actually more focused on the the sales side of the house around how to get people to engage with a particular tool. And one of the points that they made was really related to what you were saying around information capture and feedback capture, that if you are now having a conversation with Claude around the product grounded in product knowledge, you now have this session to go back to for future context when you actually need to go make a design decision. So you're sort of able to collaborate in real time rather than saying, let me just write that note down, and I'll think about it later.

So there's just all these sort of second order effects that I think we're not we don't see until it's in practice. Definitely. And we can even run a specific example here of something like that. Like, let's say that we talk to a clinician and they're thinking about connecting another Dexcom device. Like, this is something we can do in real time.

And as Gabriel follow-up like, mentioned, continue to follow-up on. Humans are flawed. And I know I'm one of those people that needs to write things down, and it's super helpful to have it living in a chat to refer back to later. As well as get, like, the quick feedback to understand, like, what this might mean. For example, like, adding on this new product, is this gonna be a several year project or, like, a six month initiative?

And that's a good thing for me to get a quick understanding of. So if I'm engaging with an external person, can say, hey. I appreciate the feedback. This might be a little bit bigger than we initially thought. Or, you know, that's a great idea.

Let me check with my team and understand like, this seems something that's feasible. So it can help tailor or at least in hindsight, like, help tailor my responses to clinicians and external folks. And, of course, many you know, some of these queries, I think, can take quite a long time depending upon the level of analysis that you have. Like, we have a number of change impact tailored change impact agents that will run for, you know, a few hours but are able to go through thousands of requirements and find those things that the team might have missed. So it's not just around bringing the right context at the right time, but also sometimes doing a, you know, an even better analysis with the support of an expert than we could do before.

Totally. So in the case of this Desktop integration, like, we all saw it happen in real time. Pretty quickly, we got an idea of what might need to change. And, of course, this is an initial response, and leveraging Ketryx AI and other tools might be supplementary. But these kind of things can be supportive to teams.

Now let's move over to one more scenario. At least this is true in our team and with other folks that I've been working with, a lot of folks are utilizing AI to support their software development workflows, both to create code or understand the context of code. So in this case, I'm utilizing Cursor. Here, I have the software for my product, and I'm going to ask for help with the Cursor agent to update my code to change a specific behavior. So we're gonna let this think.

It's looking at my software specification and the change here and helping me update the code in real time. Gabriel, I know our team utilizes AI to support our coding initiatives. How have tools like Ketryx MCP been helping our team with doing work like this? Yeah. I think what's what's really exciting on the MCP front, we were big users of Cloud Code.

I think Cloud Code can do a lot more than just generating code. You can collaborate with Cloud. You can brainstorm. Even when we're talking about a a new feature, you know, it's a great thought partner. You know, you pull a bunch of the SMEs into the room and have a conversation, collect that context, and then out of that conversation and some back and forth with with Claude, you can come up with a a draft set of requirements.

So I think that's one one input. And then once those requirements have been, essentially reviewed and approved and put into Ketryx, you can kick off your coding agent, which now has the set of requirements that needs to implement against and ensure that those requirements are are satisfied. If you're generating sort of a first batch of sort of unit and integration tests, now you have that that context to move forward with. So I think it's again, like we said at the beginning, like, a lot of the ways in which we're working are evolving and making sure that the team has access to the right tools to experiment with, I think, is one of the key key things at this moment. It's not necessarily a, hey.

Here's our cookie cutter way that we're gonna use everything. It's more of, hey. Here are the resources we have. Here's the different tools that we can use. And finding those people that are ready to experiment are farther along that AI maturity curve to experiment and figure out how it best supports your workflow.

I think that's one other one other insight that came out of yesterday. I'm a I'm a broken record here. Definitely. And trying things out, seeing what works, and figuring out the process, but also remaining critical in your thinking. Yep.

That's really important, especially with safety critical devices. Like, these tools help us move faster and be more productive in certain ways, but it's always important to keep our team in the loop, making sure that it aligns with the true insight and knowledge of a clinical application or device application. So in this case, Cursor has helped update some of our code associated with this threshold modification. And for the key purposes of this demo, I'm not going to review it, but we will commit it. And it's been added in.

Now it doesn't just go with it Ketryx MCP doesn't just help with, like, creating the code and giving the context to your coding agent infrastructure on okay. Train of thought. Ketryx MCP helps make your coding agents more smart. It gives that context of that end to end traceability. So and your QMS.

So it's more effective in the way that it approaches these things. Rather than just creating updated alarm threshold logic, it has the context of updated so it can be a little bit more intelligent. So let's say we're going to update we updated our code instead, and I wanna understand how it's going to impact my software specs. It can go the opposite way as well, looking at my code and understanding what requirements need to change as an output of this. So as it thinks, it's going to be looking at this end to end traceability and helping identify what my team might need an update as an output of this, which I think is helpful the other way too.

I mean, I've been on teams where a code has changed or the design has changed and the controls are just left behind. And, eventually, the gap gets identified, but having it happen in real time can be very supportive so it's not a late stage finding or found during verification or even just as we're preparing to go to V and V. Definitely would have been something that I would have loved to use. Yeah. And this sort of how do we keep our, you know, systems and quality and our r and d and development more in sync?

You know, traditionally, it's been very waterfall requirements, you know, slow down to spec to code, but, really, it's often an agile process, a more iterative process. And we can sort of think of of these back and forth, essentially, as the two different functions sort of talking to each other in a way. Right? From the code, we wanna make sure the spec is correct. And as a quality or systems person, from the requirement and spec, is the code correct?

So different tools, different sides, different perspectives, but all aligned towards producing a high quality product that we can trust. And then the other piece right now, you know, these are all read only tools. You know, over time, we will add in as we learn more around how this particular feature interacts with customers and users, we'll continue to add in additional tools. You can find in the documentation if you search MCP, you'll see all the tools that are available, and we'll continue to add additional tools. We'll definitely get down the route of some right tools, although we we will need to be careful and enroll those out in in partnership with with our users.

So here's a a good output that we have to now review. Definitely. So here, I think this is a great example of how someone on the development side might be able to flag a gap in the controls. So here, we developed code, and let's say, like, we're happy with the code and how it's performing. But here, we're missing a specification where there's a difference in our threshold interpolate interpolation threshold and behaviors and unit conversion, incorrect references.

This gap, I think, is really important and at least reflecting on my own experience, something that, like, would be a great conversation starter to understand if we code incorrectly or is the spec wrong. Like, let's chat about this together and figure out what the right solution is. So as Gabriel mentioned, this is a great way to bring this, like, compliance work that's really the underpinning thread of making sure that these devices are safe and effective to the places that people work and equalizing the knowledge base across folks so we all can be more effective and productive towards creating these devices that are meant to do safety critical functions and understanding where the gaps are so we can work together to close them together and figure out what the right thing to do is for our product and the users. Yep. And and just to say, you know, we we're focusing on the documentation specification here.

But for our regulatory folks, regulatory affairs, you know, partners, when it comes to understanding the regulatory impact of a particular change. This is where, again, having that type of sort of ambient check to look at not only what is being has been documented. So, hey. We have our, I don't know, UI designs in Figma, but also look at what is being implemented within the code base. And from these two in this sort of, like, source of truth data, being able to ground answers like, oh, is this gonna affect?

Am I gonna re need to resubmit? Can I, you know, leverage my predetermined change control plan for the for these changes? I'm really excited for all of the use cases that come out as we enable folks to query this context and analyze this context through one interface. It's very exciting. Absolutely.

So I was wondering if we have any questions online. Yeah. It looks like we have two. I think the first oh, I'm so sorry that we, you know, missed I missed this a little bit earlier. So we can go through two of these.

One is around scheduled tasks. I think on the scheduled tasks front, if we go back into Claude and it it depends. You know, there's lots of different platforms here whether you're using Copilot or something like Codex. They all have some form of a scheduled task, and the scheduled task supports a prompt and then a frequency. And within that prompt, as long as you've configured the Citrix MCP for your cloud desktop environment, you can include in that prompt, can you look at the Katrice MCP for a particular requirement or for a particular analysis?

And then on a daily basis, you'll get essentially a briefing or a response against this particular analysis. So great question. And then for LLMs, yes, this works for other LLMs. So if you're if you're leveraging something like ChatGPT or or Codecs, you can leverage the the MCPs, just a different way of configuring. And then the documentation for the Ketryx MCP server, it is available online at docs dot Ketryx dot com, and you'll just need to to log in to the to your account in order to access that that documentation.

So I can drop the the link to that documentation in now for for folks to view. Oh, perfect. Thank you, Megan. No problem. Yeah.

And it includes everything that you might need to know about this. And then I see a final question around around pricing on this. So in this case, the the tokens that are are being consumed for for for for most of these use cases are all within sort of your existing platform. We have sort of pricing information happy to share in a conversation when we, on our on our platform, are consuming tokens or or AI actions. I was happy to get into more details on that, but I think the nice thing about, you know, MCP in this case is that you are leveraging your cloud subscription plus context from from Ketryx.

And then I see a question on so the MCP server is sitting between Ketryx and Claude. So in this case, the MCP server is integrated into Ketryx. So you we enable you to leverage sort of standard authentication flows When you configure the MCP into Claude, for example, it will bring you through a login flow in your browser, and you'll authenticate just like a user would to Ketryx, and that will then authenticate the MCP and Claude. Thank you so much for for everyone who attended and sort of walked through some of these use cases. We absolutely love talking about this, space, use cases for leveraging AI within your workflow.

So if any of y'all want to connect and spend some time going through your workflow and how to better leverage these AI tools, please reach out, and we'll set up some time. But other than that, hope that the documentation and the guides available on docs dot Ketryx dot com can get you started in leveraging MCP across your workflow. Any other final words, Megan, to to round us out? I'm gonna bring it back to the beginning. This is something that I am very excited about because it really does equalize the access of compliance information across teams and helps teams spend it makes it more straightforward to understand compliance work while you're working on it, which is personally what really excites me.

When I reflect on my experience as a systems engineer, I can recall many times sitting with four or five different tabs open across multiple screens, making sure that I was following a procedure appropriately or looking at the full context of traceability or end to end compliance. And I think this kind of tool would have been really supportive for me, and I'm very excited, over time to continue to see the benefits that it brings to customers in the way that they're doing this work.
