
The Everything Feed - All Packet Pushers Pods
PP083: A CISO’s Perspective on Model Context Protocol (MCP)
Oct 21, 2025
Chuck Kessler, CISO at Pendo, shares his insights on the Model Context Protocol (MCP), an open-source tool that connects AI agents with enterprise data. He discusses the emergence of agentic AI, emphasizing real-world applications like travel booking. Security concerns are a major focus, with Kessler outlining authentication risks and the importance of scoped identities. He highlights industry collaboration for safe AI adoption and addresses how MCP can facilitate innovation while managing risks. Kessler also touches on the challenges of monitoring rogue AI usage.
AI Snips
Agentic AI Is Action-Oriented
- Agentic AI executes multi-step tasks and acts on behalf of a user, rather than just answering single questions.
- It can autonomously take actions or ask for human input based on prior results.
Travel Booking As A Prototype
- Chuck described travel-booking agents that gather preferences, suggest options, and can book on your behalf.
- The agent may either perform actions directly or prompt the human for confirmation.
Authentication Is The Primary Risk
- The biggest security concern with agents is the authentication model and how agents obtain and use credentials.
- Agents operating under a user's identity introduce new attack and spoofing risks compared to human logins.
