The long-running joke so far has been “The S in MCP stands for security” and this is no secret as just about every organization is talking about it. Aside from prompt injections, MCP Server security is arguably the biggest issue in the AI security world right now.

With both stdio (like libraries/modules) and streamable http (an MCP Server sitting in someones environment), organizations need to ask themselves how they're implementing auth at both the system and user level to access these MCP servers (and from the Agents), what tools are exposed from the MCP Servers, and how the tunnel (from user/agent to MCP Server) is observed and secured.

In this session, you'll learn how to plug security holes by understanding the current standards (stdio and streamable http), authentication at both the system and user level (jwt, oAuth, and OIDC), and how to specify what tools should be exposed from MCP Servers with traffic policies.