Understanding MCP security implications

Bill Doerrfeld | May 21, 2025

My talk at APISEC|CON 2025 covered agentic AI and MCP security risks and mitigations

Today I presented at APIsec University's APISEC|CON event, sharing my (limited) knowledge about MCP security implications. Since some attendees asked for them, here are my slides:

SLIDES: Understanding MCP Security Implications [PDF]

As I covered on The New Stack recently, researchers have discovered that MCP is not secure by default. It's prone to vulnerabilities such as tool poisoning, rug pulls, tool shadowing, and remote code execution (RCE).


My presentation covered the hype around agentic AI and the excitement around MCP. It then looked at these risks and suggested some mitigations.


It was very helpful for me to put this together, and I'll post the recording of the session once it's out.


I'm looking forward to closely following autonomous AI, MCP, and related standards, and what all this means for protecting access to underlying APIs.


Watch: Understanding MCP security risks (recording coming soon)
