Security and governance platform SurePath AI recently announced MCP Policy Controls to provide real-time controls over which MCP servers and tools are allowed to be used.
MCP presents a new attack surface and security challenges
These new controls are designed to assist organizations in adopting MCP, ensuring safety, visibility, and safeguards from day one.
MCP presents a new attack surface for organizations, and with it new security challenges, because the AI issues real commands while authenticated as the end user.
SurePath AI aims to remediate these challenges by applying policy-based controls to determine which MCP servers and tools are allowed to be used before anything is executed.
The platform enforces an organization’s policies on which MCP servers and tools are allowed by controlling local MCP hosts and the connections they make to MCP servers.
SurePath brings built-in classifications to security teams and internal AI policies
An organization’s policies can leverage built-in classifications of whether a tool is destructive or not, or be customized to the organization’s own security requirements.
The key features of the controls include:
- MCP Tool Discovery: MCP tools can be discovered by monitoring MCP usage in AI tools across the workforce, intercepting MCP payloads, and removing tools blocked by policy or in violation of capability requirements. When a tool violates policy, it can be removed from the MCP payload before it is sent to the backend service, so the service will not have access to that tool.
- MCP Tool Block List: Block specific MCP tools that have been discovered in the environment. Blocked tools are removed from MCP payloads before reaching backend services.
- MCP Tool Allow List: Allow specific MCP tools discovered in the environment. Allowed tools will be included in MCP payloads.
- Allow Read-Only: When enabled, all read-only MCP tools are automatically enabled without requiring them to be added to the Allow List to streamline policy management for lower-risk tools.
- Catch-All Action: Determine the default action taken for MCP tools that aren’t explicitly allowed or blocked, providing control over how the system handles tools that fall outside of the defined block and allow lists.
- Auto-Discovery and Classification: Gain insights into MCP tools.
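As an added illustration (not SurePath AI's code; the announcement does not describe its internals), the following Python applies the allow list, block list, read-only and catch-all elements above to a constructed MCP tools/list response. The readOnlyHint field is the tool annotation defined by the MCP specification; the policy structure and sample tool names are assumptions.

```python
import copy
from dataclasses import dataclass, field

@dataclass
class ToolPolicy:
    """Allow/block policy in the shape of the feature list above (assumed structure)."""
    allow: set = field(default_factory=set)      # MCP Tool Allow List
    block: set = field(default_factory=set)      # MCP Tool Block List
    allow_read_only: bool = True                 # Allow Read-Only
    catch_all: str = "block"                     # Catch-All Action: "allow" or "block"

def decide(tool: dict, policy: ToolPolicy) -> str:
    """Return "allow" or "block" for one tool entry; the block list always wins."""
    name = tool["name"]
    if name in policy.block:
        return "block"
    if name in policy.allow:
        return "allow"
    # readOnlyHint is a server-supplied MCP tool annotation; it is a hint, not proof,
    # which is why the explicit block list is checked before it.
    if policy.allow_read_only and (tool.get("annotations") or {}).get("readOnlyHint") is True:
        return "allow"
    return policy.catch_all

def filter_tools_list(response: dict, policy: ToolPolicy) -> tuple[dict, list[str]]:
    """Remove blocked tools from a JSON-RPC tools/list result before the AI client sees it.
    Returns the filtered response and the names of the removed tools (for audit logging)."""
    out = copy.deepcopy(response)
    tools = out.get("result", {}).get("tools", [])
    kept = [t for t in tools if decide(t, policy) == "allow"]
    removed = [t["name"] for t in tools if decide(t, policy) == "block"]
    if "result" in out:
        out["result"]["tools"] = kept
    return out, removed

# Constructed sample tools/list response (not captured from any real MCP server).
SAMPLE_RESPONSE = {
    "jsonrpc": "2.0", "id": 7,
    "result": {"tools": [
        {"name": "search_docs", "annotations": {"readOnlyHint": True}},
        {"name": "read_file", "annotations": {"readOnlyHint": True}},
        {"name": "delete_repo", "annotations": {"readOnlyHint": False, "destructiveHint": True}},
        {"name": "send_email"},  # no annotations: falls through to the catch-all
        {"name": "create_ticket"},
    ]},
}
POLICY = ToolPolicy(allow={"create_ticket"}, block={"read_file"}, allow_read_only=True, catch_all="block")

if __name__ == "__main__":
    filtered, removed = filter_tools_list(SAMPLE_RESPONSE, POLICY)
    print([t["name"] for t in filtered["result"]["tools"]], "removed:", removed)
```

With this policy, read_file is dropped even though it advertises itself as read-only, because an explicit block entry outranks the server's annotation.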
“MCP has quickly evolved from a buzz-acronym to the backbone of next-gen AI-powered workflows,” said Randy Birdsall, CPO and co-founder, SurePath AI. “In fact, we are seeing the same pattern we saw when ChatGPT first became available – rapid adoption, little oversight, and a surface-level understanding of risks. The reality is that MCP introduces an entirely new attack surface, one that many organizations are already exposing without realizing it, but blocking MCP is not practical. Instead, it needs to be managed securely, and that means moving beyond traditional firewall and IAM policies. Modern organizations need to put in place controls that are specific to how MCP operates. Only then can security teams confidently support AI adoption without hindering innovation.”
SurePath AI also maintains an MCP server and endpoint catalog
Further, SurePath AI maintains a catalog of known MCP servers and endpoints in order to mitigate risk on the remote side. All protected MCP traffic is routed through its platform, where access controls are applied in real time.
Additionally, this new capability uncovers supply chain threats by detecting never-before-seen MCP tools that can impersonate other tools or attempt to exfiltrate data outside the approved security perimeter.
SurePath AI CEO Casey Bleeker recently spoke with Channel Insider about how organizations can accelerate the adoption of generative AI. Take a listen to how organizations can secure GenAI adoption with zero trust without increasing compliance risk.