Skip to main content
MCP is powerful but ships without guardrails. The protocol standardizes how clients and servers talk; it does not provide authentication, observability, or any defense against malicious tools or leaked data. MCP Manager is the product layer that closes those gaps — one governed gateway where identity, governance, runtime protection, and audit are applied to every call. This page is a quick glossary of the key MCP threats and where each one is addressed.

Key threats at a glance

The four layers that address them

MCP Manager applies defense in depth across four layers — each has its own page:

Authentication & Identity

Brokers a real identity to every server, stores credentials encrypted, and revokes access instantly — countering token theft and missing auth.

Feature Governance

Least privilege for tools, with metadata locking that defends against tool poisoning and rug pulls.

Runtime Protections

Inspects live traffic to block injection and stop PII or secrets from leaking.

Audit & Observability

Records every call with attribution, so shadow MCP and spoofing become visible and auditable.

Further reading

Authentication & Identity

The first security layer — brokered identity, credential storage, and instant revocation.

Architecture & Trust

How the gateway is hardened as the control point in the path of every call.

External sources

OWASP Top 10 for LLM Applications

The industry reference on prompt injection and related LLM risks.

MCP security best practices

Security guidance from the Model Context Protocol specification.