Understanding MCP security implications

Bill Doerrfeld | May 21, 2025

My talk at APISEC|CON 2025 covered agentic AI and MCP security risks and mitigations

Today I presented at APIsec University's APISEC|CON event, sharing my (limited) knowledge about MCP security implications. Since some attendees asked for them, here are my slides:

SLIDES: Understanding MCP Security Implications [PDF]

As I covered on The New Stack recently, researchers have discovered that MCP is not secure by default. It's prone to vulnerabilities such as tool poisoning, rug pulls, tool shadowing, and remote code execution (RCE).


My presentation covered the hype around agentic AI and the excitement around MCP. It then looked at these risks and suggested some mitigations.


It was very helpful for me to put this together, and I'll post the recording of the session once it's out.


I'm looking forward to closely following autonomous AI, MCP, and related standards, and what all this means for protecting access to underlying APIs.


Watch: Understanding MCP security risks (recording coming soon)