Akto Launches Industry’s First Security Platform for Model Context Protocol (MCP) Servers
Akto, a leader in API security, today announced the launch of Akto MCP Security, the world’s first purpose-built solution designed to secure Model Context Protocol (MCP) servers. As AI agents like ChatGPT, Claude, and GitHub Copilot rapidly become part of core enterprise workflows, developers are adopting MCP to enable these agents to safely and dynamically invoke APIs. But with this shift comes a new attack surface – MCP Servers.
“MCP is the protocol powering the next generation of AI-native software,” said Ankita Gupta, Co-Founder and CEO of Akto.
In May 2025, a critical vulnerability in GitHub’s MCP server allowed attackers to embed malicious instructions in public issues. When processed by AI agents, those instructions led to unauthorized access and data leakage highlighting the urgent need for MCP-specific security controls.
Akto MCP Security is designed from the ground up to protect MCPs. It detects shadow MCP servers, tests for prompt injection and tool poisoning vulnerabilities, and monitors AI-to-API traffic in real time to flag suspicious behavior. The platform helps security teams stay ahead of threats in a world where APIs aren’t just passive endpoints, they’re actively invoked by autonomous agents that can introduce new risks with every interaction.
Built in collaboration with Akto’s enterprise customers, the Akto MCP Security platform includes three core modules at launch:
- MCP Server Discovery – Automatically detects all MCP-compatible servers and related API calls across environments using Akto’s 50+ traffic and code connectors, eliminating shadow MCPs.
- MCP Security Testing – Continuously tests MCP endpoints and tools for vulnerabilities like unauthorized access, prompt injection, insecure auth, and data exposure.
- MCP Monitoring & Threat Detection – Real-time behavioral analysis of MCP traffic to detect threats such as tool misuse, permission escalation, and malicious agent behavior.
“MCP opens powerful new possibilities, but also dangerous new paths for abuse,” said Ankush Jain, CTO at Akto. “We’ve built dedicated logic for how MCP works, so security teams can monitor, test, and protect these systems with context.”
Akto’s early access program is already onboarding enterprise customers who are actively building with MCP, including teams at leading banking, fintech, and healthcare companies. The company plans to expand its API Security capabilities to cover modern, new threats.
Also read:Â Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter |The Mainstream formerly known as CIO News Whatsapp Channel | The Mainstream formerly known as CIO News Instagram
About us:
The Mainstream formerly known as CIO News is a premier platform dedicated to delivering latest news, updates, and insights from the tech industry. With its strong foundation of intellectual property and thought leadership, the platform is well-positioned to stay ahead of the curve and lead conversations about how technology shapes our world. From its early days as CIO News to its rebranding as The Mainstream on November 28, 2024, it has been expanding its global reach, targeting key markets in the Middle East & Africa, ASEAN, the USA, and the UK. The Mainstream is a vision to put technology at the center of every conversation, inspiring professionals and organizations to embrace the future of tech.
