Loading…
April 2-3, 2026
New York, NY
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for MCP Dev Summit North America to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration..

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
← Back to schedule
If You Can Secure It Here, You Can Secure It Anywhere - Milan Williams & Katrina Liu, Semgrep
Thursday April 2, 2026 4:30pm - 4:55pm EDT
Empire Complex (7th Floor)
Here's the thing about being a security company: you can't ship a vulnerable MCP server. For us, getting pwned isn’t just embarrassing - it gets us on the front page of Hacker News. Our customers trust us to protect them from nation-state attackers, well-funded adversaries (and the odd teenager attacking for lolz.)

At the same time, the MCP ecosystem is still maturing. Hardening standards for sophisticated attackers don't exist yet. And with high-profile supply chain attacks now targeting agents, attackers are actively exploiting the trust developers place in their toolchains. Last year, a flaw in mcp-remote turned into a remote code execution nightmare, exposing over 400,000 developers. That's the reality we're building in.


When it came to our MCP server, we built it using the same rigor we use to protect the world's largest companies. This talk covers the threat model we designed against, gaps in MCP's current design that required workarounds, and ultimately how we built an MCP server trusted by enterprise customers, and hardened against even the most novel attacks. If we can secure it here, you can secure it anywhere.
Speakers
avatar for Milan Williams

Milan Williams

Senior Product Manager, Semgrep
I build security products. I'm a Senior Product Manager at Semgrep, a high-growth cybersecurity startup. I lead the teams responsible for Semgrep Code (SAST) and Secrets detection products.

I recently graduated from Harvard University with degrees in Computer Science and Physics. In my free time, you can find me geeking about the latest in security / developer tooling, running in San Francisco's Golden Gate Park, or enjoying local theater... Read More →
avatar for Katrina Liu

Katrina Liu

Software Engineer, Semgrep
Katrina is a software engineer at Semgrep. She is on the Semgrep Analysis Foundations Team, the team that owns and maintains the core static analysis functionality of the Semgrep tool. She is currently working on Semgrep's MCP server.
MCPDevSummit Semgrep, Katrina & Milan (1) pptx
Thursday April 2, 2026 4:30pm - 4:55pm EDT
Empire Complex (7th Floor)
  Security and Operations

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share

Get help with the event

Contact event planner Event login
View support guides Find upcoming events
Create an event you'd love to attend!
Explore why organizers choose Sched Success stories
Event App Event scheduling Event registration Event ticketing Sched forms Call for papers Badges Conferences
© 2026. SCHED LLC - All rights reserved - Helping events since 2008
Conference Scheduling Software Privacy Terms
Share Modal

Share this link via

Or copy link