ODBIERZ TWÓJ BONUS :: »

Securing the Model Context Protocol. Defend agentic AI systems from supply chain, runtime, and code execution threats Idan Habler, Vineeth Sai Narajala

Język publikacji: angielski
Securing the Model Context Protocol. Defend agentic AI systems from supply chain, runtime, and code execution threats Idan Habler, Vineeth Sai Narajala - okladka książki

Securing the Model Context Protocol. Defend agentic AI systems from supply chain, runtime, and code execution threats Idan Habler, Vineeth Sai Narajala - okladka książki

Autorzy:
Idan Habler, Vineeth Sai Narajala
Serie wydawnicze:
Hands-on
Ocena:
Bądź pierwszym, który oceni tę książkę
As agentic AI shifts from text generation to operational roles, it relies on the Model Context Protocol (MCP) to interface with databases and execute code. While MCP provides essential connectivity, it introduces a sophisticated attack surface. Securing MCP offers a hands-on framework for protecting these autonomous systems throughout their lifecycle.
The book begins by deconstructing MCP architecture to establish a rigorous threat model, categorizing risks across supply chain integrity, runtime execution, and code-execution attack vectors. Readers will learn to map these vulnerabilities to testable security controls that mirror adversary behavior. It then details the technical implementation of OAuth 2.1 and scoped authorization, ensuring every interaction is authenticated and auditable.
Beyond identity, the guide explores specialized threats like prompt injection, tool poisoning, and rug pull malicious updates. For enterprise production, it covers deployment hardening - including sandboxing, I/O validation, and secrets management - before addressing governance through RBAC, policies, and human-in-the-loop (HITL) mechanisms.
Complete with Python implementations and verification checklists, this book provides the professional roadmap required to deploy agentic AI with institutional-grade security.

Wybrane bestsellery

O autorach książki

Idan Habler is an AI Security Researcher at Cisco, focused on securing agentic and autonomous AI systems across enterprise environments. His expertise spans agentic threat modeling, AI red-teaming, secure tool and agent-to-agent interactions, and defense-in-depth architectures for generative AI systems. Prior to Cisco, Idan worked as an AI Security Researcher at Intuit and served in senior cyber R&D and cybersecurity roles within Israel's military.
Idan holds a Ph.D. in Software and Information Systems Engineering from Ben-Gurion University, where his research focused on cyber risk assessment and advanced threats to complex systems. He is a core team member of the OWASP Securing Agentic Applications initiative and a founding member of AIVSS. Through OWASP, he co-authors security standards and guidance including the Agent Name Service (ANS) and the Agent-to-Agent Secure (A2AS) protocol, and develops practical threat modeling frameworks for multi-agent AI systems.
A recognized contributor to the AI security community, Idan's work appears in leading research and industry venues, and he collaborates with industry, academia, and open-source communities to advance secure-by-design approaches for agentic AI systems at scale.
Vineeth Sai Narajala is a Senior Technical Lead for AI Security Research at Cisco, where he leads initiatives to secure AI systems across the company's networking, security, and infrastructure products. His expertise includes model safety guardrails, prompt-injection protections, compute isolation, and secure token management for agentic AI systems. Prior to Cisco, Vineeth served as a Senior Generative AI Security Engineer at Amazon Web Services (AWS) and as a Senior Security Engineer at Meta.
Vineeth is Co-Lead of OWASP AIVSS and a workstream co-lead within OWASP's GenAI security efforts focused on agentic application security, where he advances practical standards, threat modeling guidance, and best practices for the community. He regularly presents at major security conferences including RSA Conference, OWASP Global AppSec, BSides events, and CypherCon.
With deep technical expertise at the intersection of AI and cybersecurity, Vineeth focuses on security solutions that help teams ship agentic AI features safely at scale.

Packt Publishing - inne książki

Zamknij

Przenieś na półkę
Dodano produkt na półkę
Usunięto produkt z półki
Przeniesiono produkt do archiwum
Przeniesiono produkt do biblioteki

Zamknij

Wybierz metodę płatności

Płatności obsługuje:
Ikona płatności Alior Bank Ikona płatności Apple Pay Ikona płatności Bank PEKAO S.A. Ikona płatności Bank Pocztowy Ikona płatności Banki Spółdzielcze Ikona płatności BLIK Ikona płatności Crédit Agricole e-przelew Ikona płatności dawny BNP Paribas Bank Ikona płatności Google Pay Ikona płatności ING Bank Śląski Ikona płatności Inteligo Ikona płatności iPKO Ikona płatności mBank Ikona płatności Millennium Ikona płatności Nest Bank Ikona płatności Paypal Ikona płatności PayPo | PayU Płacę później Ikona płatności PayU Płacę później Ikona płatności Plus Bank Ikona płatności Płacę z Getin Bank Ikona płatności Płatność online kartą płatniczą Ikona płatności Santander Ikona płatności Visa Mobile
Bezpieczne płatności szyfrowane SSL