Agent Governance

9 posts

The NSA just made the case for a policy layer in front of MCP

The NSA published 17 pages on MCP security. We map every recommendation to where enforcement actually happens: the call path between agent and tool.

mcp security nsa

MCP Authorization: Scoping What Agents Are Allowed to Do

Authentication proves who is calling. MCP authorization decides what they can do. Here is how to add per-tool, per-argument limits to AI agents.

mcp security policy

MCP Gateway: What It Is and Why Agent Fleets Need One

An MCP gateway sits in front of every MCP server and evaluates each tool call before it runs. Here is what it does, how it works, and when you need one.

mcp security architecture

AI Agent Containment Starts at the Environment Layer

Anthropic showed model defences can't stand alone: Claude leaked secrets 24 of 25 times under injection. Why AI agent containment belongs at the environment layer.

thought-leadership mcp security

Microsoft AGT Proved Deterministic Enforcement. Where the Next Problem Starts.

Microsoft's Agent Governance Toolkit shipped the cleanest validation of deterministic policy enforcement in agent security: 26.67% violations under prompt-only safety, 0% under AGT. AGT governs one runtime. The harder problem is governance across many.

thought-leadership mcp agent-governance

Runtime Governance Belongs at the Transport Layer

Oracle has named the category: runtime governance for agentic AI. Their framework is right; their architectural assumption is wrong for most teams. PolicyLayer enforces the same five pillars at the MCP boundary.

thought-leadership mcp agent-governance

Anthropic's MCP Playbook Is for Builders. Defenders Need the Next Layer.

Anthropic published the production playbook for MCP: 300M SDK downloads, thin tools over 2,500 endpoints, OAuth vaults. The playbook stops at the tool call. Argument-level policy is what comes next.

thought-leadership mcp security

MCP Governance Is Table Stakes. What Comes Next?

Cloudflare's enterprise MCP launch solves discovery, access, and shadow-MCP prevention. That's the baseline. The harder question — what agents are allowed to do once they're inside — needs a different primitive.

thought-leadership mcp security

Microsoft's Agent Governance Toolkit: 9 Packages, MCP-Blind

Microsoft's open-source toolkit: nine packages for agent policy, identity, and compliance. Review of what works — and the MCP-shaped hole teams must bridge themselves.

thought-leadership mcp security