Bill Maxwell: Articles on AI Security and MCP

MCP Enterprise Architecture graphic featuring server stacks, security icons, and the title "MCP Enterprise Architecture That Actually Works: The Complete Reference Guide" by Obot, relevant to enterprise AI solutions and MCP Gateway concepts.

MCP Enterprise Architecture That Actually Works: The Complete Reference Guide

The final post in Obot’s 10-part series on enterprise MCP. Pull together identity, access, audit, and data layers into a single reference architecture — with a checklist to evaluate where you are and what’s left to build.

MCP PII Data Security blog header with title text, shield icon, data servers, and cloud elements illustrating risks of tool calls leaking personally identifiable information (PII).

MCP PII Data Security: How Tool Calls Leak PII and How to Stop It

MCP tool calls can silently expose sensitive data. Learn how PII leaks into LLM context and how to prevent it with control plane filtering.

MCP Prompt Injection blog post header featuring Obot AI branding, discussing AI agent vulnerabilities and defense strategies in enterprise environments.

MCP Prompt Injection: Why Your AI Agents Can’t Defend Against It Alone

MCP prompt injection is a structural risk for AI agents. Learn how attackers exploit autonomous tool retrieval and how to defend with layered infrastructure controls.

Fine-grained MCP access control graphic illustrating server-level permissions, security shield, and enterprise AI context.

Fine-Grained MCP Access Control: Beyond Server-Level Permissions

Server-level MCP access control isn’t enough. Learn how tool-level permissions, IdP-mapped registries, and agent-scoped tool sets enforce least privilege at enterprise scale.

What Your Security Team Will Ask Before Approving MCP in Production

Preparing for MCP enterprise security review? Here is every question your security team will ask about access controls, audit logs, credentials, and data and how to answer them.

MCP Enterprise IdP Integration for Third-Party Servers

Learn how to navigate MCP enterprise IdP integration, enabling efficient access for your team while reducing infrastructure burden.

MCP token security graphic illustrating the importance of managing OAuth tokens, featuring a shield symbol, server icons, and security elements relevant to enterprise access control.

MCP Token Security: Why Your Clients Shouldn’t Hold OAuth Tokens

Understand MCP token security and learn how to effectively manage OAuth access tokens after client authentication.

MCP Dynamic Client Registration article header with Obot branding, featuring a security shield, cloud, and database icons, emphasizing enterprise-scale MCP strategies and Microsoft Entra integration.

MCP Dynamic Client Registration: Why it Matters and How To Accomplish it with Entra

MCP Dynamic Client Registration is required by the MCP spec, but Microsoft Entra ID does not support it. Here’s what that means for enterprise deployments—and the control plane pattern that bridges the gap.

MCP Identity Management at Enterprise Scale graphic featuring logos of Google, Microsoft, and Okta, emphasizing solutions for OAuth sprawl challenges in enterprise settings.

MCP Identity Management at Enterprise Scale: Solving the OAuth Sprawl Problem

Learn how to navigate MCP identity management challenges with insights for managing multiple servers effectively.

MCP authentication challenges illustrated with shield icon and cloud network graphics, emphasizing OAuth complexities in enterprise environments.

Why MCP Authentication Is Harder Than It Looks

MCP development starts fast. Then you hit OAuth. Here’s what production-ready MCP authentication actually requires — and why the complexity multiplies when you’re running more than one server.