MCP Dev Summit North America

As MCP adoption accelerates across platforms, the risks of giving LLMs tool access are growing quickly. This session explores the real threat surface of MCP systems: prompt injection, tool poisoning, unsafe permissions, supply-chain “rug pulls,” cross-tool escalation, and data-exfiltration risks that arise when agents can call arbitrary tools. Building on Microsoft's recent work hardening MCP on Windows, we outline a practical reference architecture for secure deployments: signed and verified tool manifests, unique server identities, scoped capabilities, sandboxed execution, authenticated connections, governance via registries, audit logging, and runtime anomaly detection. Attendees will leave with a blueprint for running MCP in production: what to lock down, how to operate it safely, and how enterprises can integrate MCP into existing security, IAM, and compliance frameworks. This talk equips developers, architects, and security teams to build safer agentic systems and contribute to a more secure MCP ecosystem.