The Model Context Protocol (MCP) is moving fast from experimental to enterprise-ready. I am working with a number of customers / prospects / community members who want to go beyond locally deployed stdio transport MCP servers to multi-tenant remote HTTP “MCP services”.| ceposta Technology Blog
This is a long compilation of all the recorded MCP security flaws in the wild.| composio.dev
We know building MCP servers is where everyone’s mind is when it comes to AI agents. That is, if you’re going to build useful AI agents, they will need access to enterprise data, tools, and context. Enterprise companies are scrambling to figure out what this means. Does this mean they build MCP servers instead of APIs? Which vendors’ MCP servers do they use? How do they secure these flows? How do they govern any of this?| ceposta Technology Blog
The Model Context Protocol (MCP) and Agent 2 Agent (A2A) specifications are similar RPC-style protocols that specify interaction between Agents and Tools (MCP) and Agents and other Agents (A2A). They both focus on client/server remote function invocations but do not specify protocol-specific security. MCP started to dip its toes into specifying an Authorization framework, but that has been a bumpy ride so far.| ceposta Technology Blog
Explaining the Model Context Protocol and everything that might go wrong.| blog.sshh.io