A new chapter unfolds... MCP in AI
Navigating the new MCP landscape as cloud security pros

In this post...
Social media is abuzz with talk of the Model Context Protocol (MCP) at the moment.
All my favourite AI hypefluencers are talking about it.
So is this a gimmicky fad?
Will MCP have its two minutes in the spotlight and then fade out of the cultural zeitgeist before any of us can remember what the letters stood for?
I can't say for sure, but my intuition is no - this is an incredibly powerful innovation. If it continues on its current trajectory, it will play a pivotal role in unlocking agentic AI across the world.
In this post, I'm going to articulate why we should care - not just as general AI fanboys/girls, but as cloud security specialists.
But first...
What is the Model Context Protocol?
MCP is Anthropic’s new open-source standard for enabling AI applications to interact with tools and services in a consistent way.
In the words of the official docs:
“MCP is an open protocol that standardizes how applications provide context to LLMs. Think of MCP like a USB-C port for AI applications. Just as USB-C provides a standardized way to connect your devices to various peripherals and accessories, MCP provides a standardized way to connect AI models to different data sources and tools.”
For us in cloud security, another relevant diagram might be something like this, taking Azure as an example:

The MCP hosts are your AI applications (i.e. Claude Desktop, IDEs like Cursor, or AI tools), which fetch data from the MCP server via an MCP client.
MCP servers provide two big capabilities:
As you can imagine, these two MCP primitives are incredibly versatile and give your LLMs big boy boots.
Why care (as cloud security specialists)?
So why should we care as cloud security folks?
Two reasons:
1. We have niche domain expertise that we can “MCP”-ify for fun and profit
2. We now have a whole new layer to secure in AI applications, and there will be huge demand for people who understand how to build off this protocol securely
Let’s talk through each one.
Reason 1: We have niche domain expertise that we can “MCP”-ify
Providing a powerful, useful REST API was a strong pathway to value in the 2000s. Entire SaaS businesses were built off this value proposition.
The same opportunity is unfolding with MCP. Making niche technical functionality available via MCP may be the “REST API goldrush” of the AI agent era.
You can think of MCP kinda like one single API that AI models can use to access other APIs.

With MCP, you can make services you use or own easily usable by AI agents. That means these agents can start doing real, valuable work for you or your customers.
As cloud security professionals, we are well positioned to ride this wave. Think about the niche technical knowledge we hold — now imagine AI agents being able to leverage that in real time.
Here are just a few things I’d love to see an AI agent do using Azure:
- Search through Azure Activity Logs to figure out who owns a resource or analyze changes over time
- Check PaaS services for adherence to security best practices
- Extract and analyze tags on resources
- Provision a secure landing zone following Microsoft’s own guidance
Some of these are simple fetch-and-report jobs. Others are more complex and risky — like automating foundational infrastructure setup. But the point is, you get to decide what to expose via MCP. Your imagination and judgment are the only limits.
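To make "you get to decide what to expose" concrete, here is an added example (not from the original post, and not part of any MCP SDK) of a default-deny gate that sits in front of an MCP server and inspects each JSON-RPC `tools/call` request. The tool names, the risk tiers and the `approved_by` parameter are hypothetical; the sample requests are constructed.

```python
import json
from typing import Optional

# Hypothetical tool names for the four Azure tasks listed above, each with a
# risk tier. Any tool that is not listed here is denied by default.
POLICY = {
    "search_activity_logs": "read",
    "check_paas_baseline": "read",
    "list_resource_tags": "read",
    "provision_landing_zone": "write",  # changes infrastructure
}

def authorize(raw_message: str, approved_by: Optional[str] = None) -> dict:
    """Decide whether one tools/call request may be forwarded to the server.

    Only tool calls should be routed here. Returns a dict with a "decision"
    of "allow", "deny" or "needs_approval", plus a human-readable "reason".
    """
    try:
        msg = json.loads(raw_message)
    except json.JSONDecodeError:
        return {"decision": "deny", "reason": "not valid JSON"}
    if not isinstance(msg, dict) or msg.get("jsonrpc") != "2.0":
        return {"decision": "deny", "reason": "not a JSON-RPC 2.0 message"}
    if msg.get("method") != "tools/call":
        return {"decision": "deny", "reason": "not a tools/call request"}
    params = msg.get("params")
    name = params.get("name") if isinstance(params, dict) else None
    tier = POLICY.get(name) if isinstance(name, str) else None
    if tier is None:
        return {"decision": "deny", "reason": f"tool {name!r} is not exposed"}
    if tier == "write" and not approved_by:
        return {"decision": "needs_approval", "reason": f"{name} modifies resources"}
    return {"decision": "allow", "reason": f"{name} ({tier})"}

def call(name: str, arguments: dict) -> str:
    """Build a constructed sample tools/call request."""
    return json.dumps({"jsonrpc": "2.0", "id": 1, "method": "tools/call",
                       "params": {"name": name, "arguments": arguments}})

if __name__ == "__main__":
    samples = [
        (call("list_resource_tags", {"resource_group": "rg-demo"}), None),
        (call("provision_landing_zone", {"region": "westeurope"}), None),
        (call("provision_landing_zone", {"region": "westeurope"}), "alice"),
        (call("delete_resource_group", {"name": "rg-demo"}), None),
    ]
    for request, approver in samples:
        print(authorize(request, approver))
```

The fetch-and-report tools pass straight through, the landing-zone tool waits for a named approver, and a tool that was never put in the policy is refused even if the server behind the gate happens to implement it.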
In fact, looks like someone has beaten me to the punch: here’s an Azure MCP server I stumbled across that looks like it could do a lot of the above.
The number of people who are 1) paying attention to MCP, 2) motivated to build off it, and 3) deeply understand cloud security — is small.
On the demand side, there’s massive need for cloud security expertise. Just look at the recent sale of cloud security SaaS Wiz to Google for a jaw-dropping $32 billion.
That’s a serious supply-demand imbalance. People who know how to connect the two rising tides of cloud security and AI will be in serious demand.
Reason 2: There’s a new layer in town (and demand for specialists that can secure it)
The rise of REST APIs gave birth to a whole new ecosystem of API security tools, job roles, and required skillsets within the cybersecurity space.
So too did the shift to cloud computing in the 2010s. My job title - probably yours too - didn’t exist prior to this new technological paradigm.
It's wild when you think about it. In previous generations, when children were asked "What do you want to be when you grow up?", they could answer confidently knowing their chosen profession would still exist when they reached adulthood.
(When I was a kid, I wanted to either "start a business selling computer parts" or be a "writer"—so I guess I wasn't too far off...)
Obviously, the world of 2025 is a different beast.
Like these earlier innovations, MCP will open up a new world of opportunities and risks. There’ll be new attack vectors for the bad guys, as well as new skillsets to thwart them.
See this recent blog post from Invariant Labs about MCP “Tool Poisoning Attacks” for a case in point.
In the cloud security world, we’re used to dealing with complex, distributed applications. We’re used to thinking about things like: “how do these two systems talk to each other? How is authentication handled? What access restrictions are in place?”
We’re also used to sophisticated tooling. The cloud is dynamic and we need tools that can cope with that. “All-in-one” CNAPP tools like Wiz or Orca, and AppSec tools like Snyk, are designed with this in mind.
These skillsets position us well for dealing with the new MCP-oriented world. In this world, the attack surface of AI applications will exponentiate.
Supply chain risk in particular is gonna be a doozy.
Therefore, we’ll need to understand how authentication is managed between our AI apps, MCP servers, and the end tools they consume.
We’ll need to leverage automated tools to monitor these systems at scale and protect against threats in this new environment.
Every business will want to hop on the AI agent train, and they’ll need people that know how to do so securely.
Things I’ve Been Enjoying
Top-notch documentation here. Clearly explained concepts and good quickstart guides. 100% worth bookmarking.
Fantastic curated list of MCP servers, organised by category. Also worth bookmarking.
Figure Humanoid Robot update video - "Introducing Natural Walking”
Love these update videos from Figure AI, one of the leading humanoid robotics companies in the recent wave of these companies. Always gets me hyped up about the sci-fi Star Wars world we’re heading towards in the near future.
To quote the top YouTube comment: “[the Figure robot] has gone from 'sh*t my pants' to just 'clenching cheeks' great work!” 😂
If you're not subscribed to Fireship, do it already. 10/10 channel. Hilarious and keeps you up on tech industry trends in bite-sized, <10min videos.
Rahul Pandey’s productivity video - “20 Years Of Fighting Procrastination In 1 Hour”
Great video packed with actionable insights on how to get more done (from someone that's achieved a lot in their tech career).
I immediately applied one of his tips the next day and cleared up a good hour of my workday to focus on more important stuff.
Quote of the day
“You can’t stop the waves, but you can learn to surf.”
— Jon Kabat-Zinn