How Can MCP Servers Attack You - 2/2 скачать в хорошем качестве

How Can MCP Servers Attack You - 2/2

Speaker: José Augusto (Nubank) Summary: This talk aims to raise awareness and demonstrate, in a practical way, how MCP(Model Context Protocol) servers can become critical attack vectors in development environments. With the explosive growth of AI throughout the development lifecycle, manycompanies still struggle to manage risks, establish governance, and adapt security practicesto a technology that evolves far more rapidly than the capabilities available for propermonitoring and control. During the presentation, a realistic attack scenario will bedemonstrated, showcasing how an MCP Server can be leveraged to compromise AI-baseddevelopment environments. The session will also explore practical detection strategies suchas awareness, and the use of adapted scanners that tailor detection to each company’senvironment, highlighting how security teams can stay one step ahead in a landscape wherethe attack surface grows daily. Bio: José Augusto is a Lead AI Security Engineer at Nubank, working in both offensive anddefensive security with a focus on AI ecosystems, including LLMs, agents, ML, and theirinteractions with traditional systems. He began studying AI during his PhD work in 2020 andhas been fully dedicated to AI security since 2024. He holds a Master’s degree inCybersecurity from the University of Brasília (UnB) and is an instructor at FIAP, Gohacking,and RNP. He holds certifications such as OSWP, OSCP, OSCE, OSWE, and OSEP, andserved for two years as an Official Offensive Security Instructor in Brazil.