BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//RootedCON//Madrid2025//ES
CALSCALE:GREGORIAN
METHOD:PUBLISH

BEGIN:VTIMEZONE
TZID:Europe/Madrid
X-LIC-LOCATION:Europe/Madrid
BEGIN:DAYLIGHT
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
TZNAME:CEST
DTSTART:20250330T010000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
TZNAME:CET
DTSTART:20251026T010000
END:STANDARD
END:VTIMEZONE

BEGIN:VEVENT
UID:4ba07015-62ee-4213-a26a-74594605877d
DTSTAMP:20260614T162129Z
CLASS:PRIVATE
CATEGORIES:ROOTEDCON
DESCRIPTION:The Model Context Protocol (MCP) has\, in just a few months\, become the standard “glue” for connecting AI agents with real-world data and tools: code repositories\, internal databases\, IDEs\, browsers\, or file systems. In most organizations it is being deployed with an almost exclusive focus on functionality\, pushing security architecture into the background. The result: thousands of exposed MCP servers\, default configurations\, lack of strong authentication\, and an explosive mix of classical vulnerabilities (RCE\, path traversal\, lack of isolation) with vectors specific to the LLM world (prompt injection\, tool poisoning\, tool shadowing\, abuse of persistent context).\n\nIn this talk\, we will present the state of the art in MCP security\, including results from enumerating Internet-accessible servers and common exposure patterns in corporate environments. From there\, we propose a reference architecture to “tame” MCP in the enterprise\, focused on how to systematically standardize and test MCP deployments. We will introduce a lightweight “MCP Security Baseline” framework with maturity levels\, as well as an open-source tool that can discover/monitor MCP servers\, inventory exposed tools\, and run non-destructive tests to validate minimum requirements (auth\, encryption\, restrictions around dangerous tools\, context limits\, etc.). We will close with an actionable checklist and lessons learned for security teams that need to decide\, with sound criteria\, when an MCP is ready for production and when it is just a pretty PoC about to get pwned.
LOCATION:Kinépolis Madrid: C. Edgar Neville\, s/n 28223 Madrid
SUMMARY:When MCP goes Wrong - Que MCP no rompa tu seguridad
TRANSP:TRANSPARENT
DTSTART;TZID=Europe/Madrid:20260305T134000
DTEND;TZID=Europe/Madrid:20260305T143000
END:VEVENT

END:VCALENDAR