Build, Deploy and Harden an MCP Server from Scratch
Speaker - Anshu Gupta
Abstract
Model Context Protocol servers have become the privilege boundary of the agentic AI era, the broker that hands AI agents real access to your files, APIs, databases, and SaaS systems. Yet they are being shipped faster than security practice can keep up: recent scans of thousands of internet-exposed MCP servers found that a large share run with no authentication at all, and dozens of MCP-specific CVEs surfaced in early 2026 alone, dominated by shell injection, auth bypass, and tool poisoning.
In this hands-on 90-minute session, you will build a working MCP server from scratch, deploy it, and then attack and harden it yourself. We will move past "hello world" tutorials into the controls that actually matter in production: authentication and token handling, least-privilege tool scoping, prompt-injection and tool-poisoning defenses, secrets management, network and container hardening, audit logging, and CI/CD security gates. You will leave with a hardened reference server, a working threat model, and a checklist you can apply to any MCP deployment on Monday morning.
What you will learn
How to build a functional MCP server (tools, resources, transport) and why stdio is a transport choice, not a security control
The MCP threat landscape: token mismanagement, tool poisoning, confused-deputy attacks, prompt injection, and over-scoped permissions
How to attack your own server to see how an injected instruction can exfiltrate credentials or trigger command injection
The defense-in-depth layers that turn a server from attack surface into a hardened privilege boundary: auth, secrets, tool scoping, audit trails, rate limiting, network isolation, and supply-chain integrity
How to wire MCP-specific security testing (static scanning, dependency pinning, CI/CD gates) into a real pipeline
Who should attend: Security engineers, AI/platform engineers, DevSecOps practitioners, and security-minded developers building or reviewing agentic AI systems. Useful for CISOs and security leaders who want a grounded technical view of what MCP changes about their trust model.
Prerequisites: Comfort reading code (TypeScript or Python examples) and a laptop with Node.js or Python installed. A pre-built starter repo will be provided so build time stays tight and the focus stays on hardening.