Key threats at a glance
The four layers that address them
MCP Manager applies defense in depth across four layers — each has its own page:Authentication & Identity
Brokers a real identity to every server, stores credentials encrypted, and revokes access instantly — countering token theft and missing auth.
Feature Governance
Least privilege for tools, with metadata locking that defends against tool poisoning and rug pulls.
Runtime Protections
Inspects live traffic to block injection and stop PII or secrets from leaking.
Audit & Observability
Records every call with attribution, so shadow MCP and spoofing become visible and auditable.
Further reading
Authentication & Identity
The first security layer — brokered identity, credential storage, and instant revocation.
Architecture & Trust
How the gateway is hardened as the control point in the path of every call.
External sources
OWASP Top 10 for LLM Applications
The industry reference on prompt injection and related LLM risks.
MCP security best practices
Security guidance from the Model Context Protocol specification.

