Model Context Protocol (MCP), which simplifies access from AI agents to tech platforms and data, has given a significant boost to the usability and interoperability of agents within existing technology stacks. That’s why MCP has been embraced by enterprise software giants including Microsoft, Oracle and AWS.
But it has also introduced security challenges that enterprises wouldn’t otherwise face. These include tool poisoning attacks that embed malicious instructions to extract sensitive data or disrupt workflows, as well as over-privileging tools in ways that allow them to perform unauthorized actions.
Community initiatives and tools are emerging to bolster MCP security. This week, Cisco entered the fray with open-source software called MCP Scanner, which Cisco says secures the AI agent “supply chain.” The open-source security software analyzes MCP servers and components to perform security and vulnerability checks before agents are deployed, so teams can proceed with confidence in their level of security.
The company positions MCP Scanner as a follow-on to Cisco AI Defense—a platform designed to secure software and data across the AI lifecycle, from supply chain scanning and algorithmic red teaming to runtime guardrails and continuous validation. Combined, AI Defense and MCP Scanner put Cisco’s considerable networking and security footprint behind MCP security, increasing customer options to ensure MCP connections can be secured in line with enterprise security requirements.
Vulnerability Scanning
MCP Scanner scans MCP servers for malicious code and hidden threats with the goal of helping businesses develop and deploy AI applications safely and securely. It identifies vulnerabilities in MCP servers before they’re integrated into AI or other systems — thereby protecting the AI supply chain.
Traditional security tools, Cisco explained, conduct static code scanning, but AI agent threats can be hidden in tool definitions, metadata or even dynamic interactions between agents and tools, so those tools aren’t well equipped to detect them.
MCP Scanner performs contextual and semantic analysis of each tool, identifying risks that emerge from how tools are described, invoked, and composed within LLM workflows. It leverages three powerful scanning engines including Cisco’s own AI Defense scanner; those three engines can be used in combination or alone. The vulnerability checks performed by MCP Scanner include:
- MCP component security evaluation that identifies tools, prompts, and resources to isolate malicious or anomalous behavior
- Signature-based detection that identifies known threats within MCP components and notifies users of those threats
MCP Scanner can also be downloaded and deployed on a stand-alone basis to deliver AI supply chain security protection across any cloud or deployment model.
With this latest security development, Cisco is helping to push MCP ever closer to be a robust, invaluable tool that helps customers and partners integrate agents and platforms while ensuring alignment with corporate security practices and standards.
AI Agent & Copilot Summit is an AI-first event to define opportunities, impact, and outcomes with Microsoft Copilot and agents. Building on its 2025 success, the 2026 event takes place March 17-19 in San Diego. Get more details.
Tom Smith
Analyst
Cloud Wars, Agent and Copilot
Related Posts
