Blog Layout

Understanding MCP security implications

Bill Doerrfeld | May 21, 2025

My talk at APISEC|CON 2025 covered agentic AI and MCP security risks and mitigations

Today I presented at APIsec University's APISEC|CON event, sharing my (limited) knowledge about MCP security implications. Since some attendees asked for them, here are my slides:

SLIDES: Understanding MCP Security Implications [PDF]

As I covered on The New Stack recently, researchers have discovered that MCP is not secure by default. It's prone to vulnerabilities such as tool poisoning, rug pulls, tool shadowing, and remote control execution (RCE).

My presentation covered the hype around agentic AI and the excitement around MCP. It then looks at these risks and suggests some mitigations.

It was very helpful for me to put this together, and I'll post the recording of the session once it's out.

I'm looking forward to closely following autonomous AI, MCP, and related standards, and what all this means for protecting access to underlying APIs.

Watch: Understanding MCP security risks (recording coming soon)

< Older Post

Newer Post >

Other Blog Posts

Agentic AI requires new systems thinking

By Bill Doerrfeld • April 20, 2026

My InfoWorld feature reviews the key building blocks in agentic systems and with real-world examples from Shopify, Block, and others.

What goes into a solid MCP registry?

By Bill Doerrfeld • March 31, 2026

My latest InfoWorld feature explores what makes an enterprise MCP registry effective, from semantic discovery to governance and security for AI agents.

CISOs shift from perimeter security to API security

By Bill Doerrfeld • March 30, 2026

My first-ever contribution to CSO Online looks at the shifting landscape, from perimeter-based security to API security, and how CISOs are responding.

Fixing the AI slop problem in open source

By Bill Doerrfeld • March 29, 2026

My latest feature for The New Stack looks into solutions being proposed to fix open source Slopmageddon.

A digital pattern of rounded rectangular blocks in shades of blue and purple, arranged in an interlocking layout.

Agentic AI is reshaping platform engineering at Squarespace

By Bill Doerrfeld • March 27, 2026

My latest DirectorPlus looks at how agentic AI is reshaping platform engineering at Squarespace: less shared code and more developer experience focus.

5 impressive API monetization models

By Bill Doerrfeld • March 19, 2026

Usage-based pricing is reshaping the API economy. Discover 5 API monetization success stories, including OpenAI, Plaid, and AssemblyAI.

A lightbulb against a purple background, containing a human brain with an

Why event-driven APIs matter for AI workflows

By Bill Doerrfeld • March 18, 2026

Why event-driven APIs matter for AI workflows, enabling real-time data, scalable systems, and responsive agent behavior.

Exploring frontier models for physical AI

By Bill Doerrfeld • February 28, 2026

While hardware usually gets the spotlight in physical AI, the real differentiator won't be hardware. It'll be the models.

Workato's internal MCP success story

By Bill Doerrfeld • February 27, 2026

In the latest DirectorPlus, Workato's CTO explains how MCP-enabled integration catalyzed internal AI usage and ROI.

5 official MCP servers from major clouds

By Bill Doerrfeld • February 18, 2026

My latest on InfoWorld reviews MCP servers from 5 major cloud providers

Share by: