Vishal Chaudhari
Mastercard, Principal Software Engineer
Pune, India
Topics
Agentic Threat Modeling and Mitigation Strategies
Agentic Threat Modeling and Mitigation Strategies focuses on securing AI systems that can reason, plan, and take actions using tools. It treats reasoning itself as an attack surface and designs controls so that hallucinations, poisoned context, or incorrect plans cannot turn into real-world damage. The goal is to ensure that agents can propose intelligently, but systems execute safely through strict boundaries, permissions, validation, and observability.
This session includes a technical deep dive and assumes basic familiarity with GenAI, LLMs, and agentic systems. Attendees should have an architectural or engineering background, ideally working with enterprise or production AI systems.
Target audience includes solution architects, platform engineers, security architects, senior developers, technical leaders, and anyone responsible for designing or governing agentic AI systems in enterprise environments.
The session is suitable for conferences, internal architecture forums, security briefings, or technical leadership summits. It is appropriate for first public delivery as well as executive or engineering roadmaps.
MCP Security & Operations
This session explains how to run Model Context Protocol systems safely in real production environments, where agents can call tools that touch sensitive data and high-impact workflows. It covers the security model you need to treat MCP as a trust boundary, including capability-based permissioning, least-privilege access, and strict separation between read and write tools. It also dives into sandboxing strategies to reduce blast radius, such as isolating execution environments, enforcing data residency, and preventing untrusted context from influencing privileged actions. On the operations side, it focuses on observability that makes MCP explainable and auditable end to end, with the right telemetry to track who called what tool, why it was allowed, what data scope was accessed, and what outcomes were produced. Finally, it lays out governance practices for tool catalog versioning, contract stability, change control, and incident readiness so MCP adoption scales without turning into a security or compliance liability.
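The controls the abstract names (capability-based permissioning, least-privilege data scopes, read/write tool separation, untrusted context kept away from privileged actions, and an audit record of who called what tool, why it was allowed and what scope it touched) can be shown in one small tool-call gateway. The following is an added illustration written for this page; it is not the speaker's code and not the MCP SDK. The tool names, data scopes, the `support-bot` agent and the customer record are constructed.

```python
"""
Hypothetical tool-call gateway that sits in front of MCP-style tools and
enforces: capability grants per tool, least-privilege data scopes, a hard
read/write split, and a per-call audit event. Constructed example only.
"""
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional


@dataclass(frozen=True)
class ToolSpec:
    name: str                         # tool name as exposed in the catalog
    effect: str                       # "read" or "write": the only two classes allowed
    data_scope: str                   # data the tool touches, e.g. "customer.profile"
    handler: Callable[[dict], dict]   # the actual tool implementation


@dataclass
class AgentPrincipal:
    agent_id: str
    capabilities: frozenset   # granted tools, as "tool:<name>"
    scopes: frozenset         # data scopes this agent may touch
    context_trusted: bool     # False once untrusted content (e.g. an external ticket) entered the context


@dataclass
class AuditEvent:
    agent_id: str             # who called
    tool: str                 # what tool
    decision: str             # "allow" or "deny"
    reason: str               # why it was allowed or denied
    data_scope: Optional[str] # what data scope was involved


class ToolGateway:
    def __init__(self) -> None:
        self._tools: Dict[str, ToolSpec] = {}
        self.audit: List[AuditEvent] = []

    def register(self, spec: ToolSpec) -> None:
        # Every catalog entry must declare its effect; a tool with no class is not callable.
        if spec.effect not in ("read", "write"):
            raise ValueError("effect must be 'read' or 'write'")
        self._tools[spec.name] = spec

    def call(self, agent: AgentPrincipal, tool_name: str, args: dict) -> Optional[dict]:
        spec = self._tools.get(tool_name)
        if spec is None:
            return self._deny(agent, tool_name, "unknown tool", None)
        # Capability check: the agent must hold an explicit grant for this tool.
        if f"tool:{tool_name}" not in agent.capabilities:
            return self._deny(agent, tool_name, "capability not granted", spec.data_scope)
        # Least privilege: the tool's data scope must also be granted.
        if spec.data_scope not in agent.scopes:
            return self._deny(agent, tool_name, "data scope not granted", spec.data_scope)
        # Read/write separation: write tools are unreachable from a turn whose
        # context contains untrusted content, so poisoned context cannot drive writes.
        if spec.effect == "write" and not agent.context_trusted:
            return self._deny(agent, tool_name, "write tool blocked: untrusted context", spec.data_scope)
        result = spec.handler(args)
        self.audit.append(AuditEvent(agent.agent_id, tool_name, "allow",
                                     f"capability and scope granted; effect={spec.effect}",
                                     spec.data_scope))
        return result

    def _deny(self, agent: AgentPrincipal, tool_name: str, reason: str,
              scope: Optional[str]) -> None:
        self.audit.append(AuditEvent(agent.agent_id, tool_name, "deny", reason, scope))
        return None


# Constructed sample data and tool handlers.
CUSTOMERS = {"c-100": {"name": "Example Customer", "tier": "gold"}}

def lookup_customer(args: dict) -> dict:
    return dict(CUSTOMERS.get(args["id"], {}))

def update_tier(args: dict) -> dict:
    CUSTOMERS[args["id"]]["tier"] = args["tier"]
    return {"ok": True}


def build_gateway() -> ToolGateway:
    gw = ToolGateway()
    gw.register(ToolSpec("lookup_customer", "read", "customer.profile", lookup_customer))
    gw.register(ToolSpec("update_tier", "write", "customer.profile", update_tier))
    gw.register(ToolSpec("issue_refund", "write", "payments.refund", lambda a: {"ok": True}))
    return gw


def demo() -> List[tuple]:
    """Runs three calls and returns the audit trail as (tool, decision, reason)."""
    gw = build_gateway()
    agent = AgentPrincipal("support-bot",
                           frozenset({"tool:lookup_customer", "tool:update_tier"}),
                           frozenset({"customer.profile"}), context_trusted=True)
    gw.call(agent, "lookup_customer", {"id": "c-100"})          # allowed: read, granted
    gw.call(agent, "issue_refund", {"id": "c-100"})             # denied: no capability
    agent.context_trusted = False                               # an external ticket was read into context
    gw.call(agent, "update_tier", {"id": "c-100", "tier": "platinum"})  # denied: write from untrusted context
    return [(e.tool, e.decision, e.reason) for e in gw.audit]


if __name__ == "__main__":
    for row in demo():
        print(row)
```

The point of the design is that the allow decision is reconstructible from the audit event alone: each record carries the caller, the tool, the data scope and the reason, which is exactly the telemetry the abstract calls for. The `context_trusted` flag is the simplest possible form of the "untrusted context must not influence privileged actions" rule; a production gateway would derive it from provenance tracking on the context rather than a single boolean.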
Technical requirements
This is a slide-based session with no live demos. Attendees do not need to install or prepare anything in advance.
Target audience
Designed for architects, platform and security engineers, SRE and DevOps practitioners, and technical leaders responsible for operating or governing agentic systems and MCP servers in production environments.
Experience level
Intermediate to advanced. Basic understanding of APIs, identity and access control, and distributed systems is helpful. Prior hands-on MCP experience is not required.
Preferred session duration
25 to 30 minutes, suitable for conference or forum slots, with optional short Q and A.
Session format
Technical conference talk focused on MCP security models, permissioning, sandboxing, observability, governance, and day-2 operational considerations. No workshops or hands-on exercises required.
First public delivery
Suitable for first public delivery. Architecture-focused, and framed using generic enterprise examples.
Conference fit
Relevant for security, cloud, platform engineering, AI engineering, and enterprise architecture tracks.
Materials
Presentation slides only. No additional handouts or preparation required.
Audience takeaways
Clear understanding of MCP as a security boundary
Practical permissioning and sandboxing patterns
Key observability signals for operating MCP safely
Governance mindset for running MCP in production without increasing risk