Watch On-Demand
On-demand workshop
OWASP MCP Top 10: Securing the New Trust Boundary for Agentic AI
OWASP MCP Top 10: Securing the New Trust Boundary for Agentic AI
MCP connects agents to tools, APIs, files, databases, developer environments, cloud services, and enterprise workflows. That power is exciting, but it also creates a new attack surface that many teams are only beginning to understand. In this on-demand session, you'll explore the OWASP MCP Top 10 through practical scenarios, attacker mindsets, and defensive patterns. We will look at risks such as prompt injection through tools and resources, tool poisoning, excessive agency, unsafe tool execution, over-permissioned MCP servers, context leakage, insecure authentication and authorization, supply chain abuse, weak logging, and governance gaps.
Rather than staying theoretical, the workshop will walk through real-world-style examples showing how MCP risks appear in agentic AI workflows and how they can be threat modeled, tested, and mitigated. You'll leave with a clear understanding of MCP security risks, practical review questions, and actionable controls they can apply when building, adopting, or governing MCP-enabled AI systems.
Rather than staying theoretical, the workshop will walk through real-world-style examples showing how MCP risks appear in agentic AI workflows and how they can be threat modeled, tested, and mitigated. You'll leave with a clear understanding of MCP security risks, practical review questions, and actionable controls they can apply when building, adopting, or governing MCP-enabled AI systems.
Form title goes here
Lorem ipsum dolor, sit amet
consectetur
adipisicing elit. Eligendi temporibus hic minima.
View this session to:
- Understand why MCP is a new trust boundary for agentic AI.
- Learn the major security risks covered by the OWASP MCP Top 10.
- See practical examples of MCP abuse paths and failure modes.
- Learn how to threat model MCP clients, servers, tools, and resources.
- Walk away with defensive controls for safer MCP adoption.
Speaker
Speaker
Vandana Verma Sehgal
Staff AI Security Advocate, Snyk
Or Maybe You Don't Have Speakers, So This Module Will Work Better
Add your event details here. If you don't want the button, clear the element. Down below is a space to call out different sessions or something of the sort. You can toggle one more if you need. If you don't want any of them, toggle them off.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Curabitur non euismod lorem. Fusce auctor pellentesque ipsum, ut placerat purus convallis et. Nullam ac urna non nibh tempor elementum. Vivamus in blandit sapien.
Session 1 Title
Session 1 event details. Delete the button if you don't want it.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean rhoncus lorem nec egestas
Session 2 Title
Session 2 event details. Delete the button if you don't want it.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean rhoncus lorem nec egestas
Session 3 Title
Session 3 event details. Delete the button if you don't want it.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean rhoncus lorem nec egestas
This is a text grid headline and should be kept to two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean rhoncus lorem nec egestas
This is a text grid headline and should be kept to two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean rhoncus lorem nec egestas
This is a text grid headline and should be kept to two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean rhoncus lorem nec egestas
This is a text grid headline and should be kept to two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean rhoncus lorem nec egestas
This is a text grid headline and should be kept to two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean rhoncus lorem nec egestas
This is a text grid headline and should be kept to two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean rhoncus lorem nec egestas
This is a text grid headline and should be kept to two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean rhoncus lorem nec egestas
Mini Text
This is headline-large and it is best to be kept to 2 lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Curabitur non euismod lorem. Fusce auctor pellentesque ipsum,
ut placerat purus convallis et. Nullam ac urna non nibh tempor
elementum. Vivamus in blandit sapien.
Mini Text
This is a text grid headline and should be kept to two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean rhoncus lorem nec egestas
Mini Text
This is a text grid headline and should be kept to two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean rhoncus lorem nec egestas
Mini Text
This is a text grid headline and should be kept to two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean rhoncus lorem nec egestas
This is headline-large and it is best to be kept to 2 lines
This is a text grid headline and should be two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean rhoncus lorem nec egestas
This is a text grid headline and should be two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean rhoncus lorem nec egestas
This is a text grid headline and should be two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean rhoncus lorem nec egestas
This is a text grid headline and should be two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean rhoncus lorem nec egestas
The development process changed
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam eu mi ex. Quisque at rutrum diam, in ultrices mi.
The development process changed
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam eu mi ex. Quisque at rutrum diam, in ultrices mi.
The development process changed
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam eu mi ex. Quisque at rutrum diam, in ultrices mi.
The development process changed
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam eu mi ex. Quisque at rutrum diam, in ultrices mi.
Resources for Python
Optional text - always on, but don't input if you want
blank
Resources for Python
Optional text - always on, but don't input if you want
blank
Resources for Python
Optional text - always on, but don't input if you want
blank
Resources for Python
Optional text - always on, but don't input if you want
blank
This is headline-large and it is best to be kept to 2 lines
Lorem ipsum dolor sit amet consectetur, adipisicing elit. Nulla quos asperiores ex quasi ratione nihil ea tempore praesentium similique pariatur odio quidem, aliquam, ipsum cupiditate temporibus excepturi, eius ullam mollitia.
This is a text grid headline and should be two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Aenean rhoncus lorem nec egestas
This is a text grid headline and should be two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Aenean rhoncus lorem nec egestas
This is a text grid headline and should be two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Aenean rhoncus lorem nec egestas
This is a text grid headline and should be two lines
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Aenean rhoncus lorem nec egestas
Mini Text
Maybe You Have Event FAQs. Or Maybe You Like This Module For The Event Info.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Curabitur non euismod lorem. Fusce auctor pellentesque ipsum, ut placerat purus convallis et. Nullam ac urna non nibh tempor elementum. Vivamus in blandit sapien.
Marketo template question
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam eu mi ex. Quisque at rutrum diam, in ultrices mi.
Marketo template question
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam eu mi ex. Quisque at rutrum diam, in ultrices mi.
Marketo template question
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam eu mi ex. Quisque at rutrum diam, in ultrices mi.
Marketo template question
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam eu mi ex. Quisque at rutrum diam, in ultrices mi.
Millions of developers build securely with Snyk
Snyk is trusted by the world’s most innovative companies.
Milhões de desenvolvedores criam com segurança usando a Snyk
Millones de desarrolladores crean con seguridad usando Snyk.
Keep reading
Related content
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Slider title
Not ready for a live demo?
See Snyk in action On-Demand
