Understanding MCP security implications

Bill Doerrfeld | May 21, 2025

My talk at APISEC|CON 2025 covered agentic AI and MCP security risks and mitigations

Today I presented at APIsec University's APISEC|CON event, sharing my (limited) knowledge about MCP security implications. Since some attendees asked for them, here are my slides:

SLIDES: Understanding MCP Security Implications [PDF]

As I covered on The New Stack recently, researchers have discovered that MCP is not secure by default. It's prone to vulnerabilities such as tool poisoning, rug pulls, tool shadowing, and remote code execution (RCE).

My presentation covered the hype around agentic AI and the excitement around MCP. It then looked at these risks and suggested some mitigations.
It was very helpful for me to put this together, and I'll post the recording of the session once it's out.

I'm looking forward to closely following autonomous AI, MCP, and related standards, and what all this means for protecting access to underlying APIs.
Watch: Understanding MCP security risks (recording coming soon)