mcp-security
Safeguard articles tagged "mcp-security" — guides, analysis, and best practices for software supply chain and application security.
57 articles
Agentic Procurement: Letting AI Agents Buy Software Safely
Agents can now evaluate, trial, and pay for software without a human in the loop. The controls that make that safe: spend caps, allowlists, verifiable merchants, and audit trails.
Securing MCP Servers: A Practical Checklist
MCP servers are runtime dependencies your agent trusts implicitly. Here is a concrete checklist for auth, tool pinning, sandboxing, and monitoring before you ship one.
What is Model Context Protocol (MCP) Security
MCP security explained: how tool poisoning, rug pulls, and 2025's critical CVEs (mcp-remote, MCP Inspector) put AI agents at risk—and how to defend against them.
What is AI Agent Security
AI agent security explained: how autonomous AI agents get attacked through prompt injection, tool poisoning, and exposed MCP servers, and how to stop it.
Inside the Agentic Development Supply Chain Report
Safeguard's research team analyzed 42,000+ repositories with agentic commit activity, finding new dependency, MCP server, and SBOM gaps introduced by AI coding agents.
Agent Security Buyer's Guide Overview
As AI agents gain production write-access across the enterprise, security teams need a rigorous buyer's guide to separate real agent security platforms from repackaged AppSec dashboards.
MCP vs Skills vs Hooks vs Rules Explained
MCP, Skills, hooks, and rules extend AI coding agents in very different ways — two execute code, two only steer behavior. Here's how each one breaks.
Explaining Model Context Protocol and its expanding attac...
MCP security is now urgent: MCP servers grew from 700 to 16,000+ in a year, and most are unaudited. Here is the threat model and how Safeguard secures it.
Analysis of known MCP server CVEs and disclosed vulnerabi...
Two critical CVEs — in mcp-remote and Anthropic's MCP Inspector — reveal how MCP server vulnerabilities let untrusted servers execute code on client machines.
How tool poisoning attacks compromise MCP tool descriptions
A single poisoned tool description can turn a trusted MCP server into a silent data-exfiltration channel. Here's how these attacks work — and how to stop them.
Step-by-step guide to hardening and securing an MCP serve...
A practical, step-by-step guide to hardening and securing an MCP server deployment -- authentication, sandboxing, network policy, and monitoring included.
Risks of MCP server rug-pulls and silently changing tool ...
An MCP rug pull attack swaps a trusted server's tool definitions after approval. Here's how tool definition drift happens, and how Safeguard catches it early.