Topic Hub

MCP and Tool-Use Security Hub

MCP and tool-use security sits between AI security and API security. This hub groups the content most relevant to teams exposing tools, files, APIs, and privileged actions to models.

Guides: 9

Latest Update: May 9, 2026

Primary Intent: Coverage of Model Context Protocol security, tool delegation controls, function calling risk, and AI-agent execution boundaries.

Editorial standards

Topic hubs are built for depth, not thin aggregation.

This hub clusters original content around a specific security theme so users can evaluate a problem space, trace it back to named authors, and verify the company and publishing standards behind the site.

Named authors

Each guide keeps visible authorship instead of anonymous list pages.

Freshness signals

Updated guides are labeled so readers know when advice changed.

Public accountability

Editorial, company, legal, and contact pages stay visible from the hub.

Review the site context

These links make it easier for readers and policy reviewers to verify how the content is produced.

Editorial policy and publishing standards
About and contact pages for reviewer clarity
Consistent legal and product navigation

AI Security

What Is Agentic AI? Security Risks, Use Cases, Challenges, and Future

A detailed guide to agentic AI for engineering and security teams. Learn what agentic AI is, how it works, where it creates business value, why it is harder to secure than a standard chatbot, and what the future of agentic AI security looks like.

SCR Security Research Team
May 9, 2026
19 min read

AI Security

AI Security Testing Tools: Garak, PyRIT, promptfoo, and the Controls They Actually Validate

A practical guide to AI security testing tools for LLM and agentic applications. Explains what Garak, PyRIT, and promptfoo are good at, where each tool falls short, and how to combine automated testing with human review for prompt injection, data leakage, and unsafe tool use.

SCR Security Research Team
May 8, 2026
17 min read

AI Security

Secure Tool Calling for LLMs: Function Calling Risks and Runtime Controls

Tool calling is where an LLM application stops being a text system and starts becoming an action system. Learn the runtime controls, permission boundaries, and confirmation patterns that keep function calling from becoming an automation incident.

SCRs Team
May 7, 2026
13 min read

Application Security

MCP Server Security: Model Context Protocol Risks, Attack Paths, and Hardening Guide

A practical MCP server security guide covering Model Context Protocol risks, tool execution abuse, prompt injection, overprivileged servers, package trust, and hardening patterns for Cursor, Claude, and AI agent deployments.

SCRs Team
Apr 1, 2026
14 min read

AI Security

OWASP Top 10 for Agentic AI 2026: Risks, Attack Paths, and Security Controls

A detailed guide to the OWASP Top 10 for Agentic AI Applications covering goal hijacking, tool manipulation, prompt injection, uncontrolled autonomy, and the security controls teams need for agentic AI deployments.

SCR Security Research Team
Feb 16, 2026
22 min read

AI Security

How to Secure AI Agents: Identity & Access Management for Agentic AI

Machine identities now outnumber human identities 45:1. Learn how to implement IAM for AI agents — authentication, authorization, credential management, and delegation chains in multi-agent systems.

SCR Security Research Team
Feb 15, 2026
18 min read

AI Security

Securing Generative AI APIs: MCP Security & Shadow AI Risks in 2026

Model Context Protocol (MCP) is the emerging standard for connecting AI to tools and data. But MCP servers, shadow AI usage, and AI supply chain attacks introduce critical risks. Learn how to secure generative AI APIs.

SCR Security Research Team
Feb 13, 2026
19 min read

API Security

API Security Trends 2026: Protecting REST, GraphQL & gRPC in an AI-Driven World

APIs now account for 83% of web traffic. This guide covers the most critical API security trends for 2026 — AI-generated API abuse, GraphQL-specific attacks, gRPC security, API gateways, and runtime protection strategies.

SCR Security Research Team
Feb 7, 2026
20 min read

API Security

API Security for AI Agents: Securing MCP, Function Calling & Tool Use

AI agents are the new API consumers. This guide covers securing APIs against AI-driven abuse — MCP server hardening, function calling guardrails, tool delegation authorization, and protecting sensitive endpoints from autonomous agents.

SCR Security Research Team
Feb 4, 2026
18 min read

Need a targeted review in this topic area?

These guides are designed to help teams self-educate, but the commercial value comes from applying them to a real stack, threat model, and release path.