A Proposed MCP Server Security Evaluation Framework
With great MCP power comes great MCP responsibility and you should be prepared to evaluate the security of your MCP server implementation and MCP adoption in your AI agents.
Tag: security
-
-
Plan, Don't Execute: Agentic Workflows in Zero Trust Environments
How zero-trust environments can leverage AI agents and agentic workflows without compromising security and trust.
-
Poor Express Authentication Patterns in Node.js and How to Avoid Them
Tired of seeing poor authentication patterns in Node.js applications and Express code examples? Here's a guide on how to avoid them and what to do instead
-
Disclosing a local file inclusion vulnerability in xmlhttprequest library
I found a Local File Inclusion (LFI) security vulnerability in xmlhttprequest library but it's still unfixed.
-
Disclosing uncontrolled resource consumption in xmlhttprequest library
proof-of-concept showing a denial of service vulnerability in a Node.js web server if it uses the xmlhttprequest library to make outgoing HTTP requests
-
Prevent clickjacking on Drupal and other Apache web applications
Updating Apache server configuration to use mod_headers to prevent clickjacking security issues
-
Apache Obfuscation by disabling trace and server tokens
Preventative measures to mitigate leaking the server software running
-
Reviewing book โ Learning Pentesting for Android Devices
Getting started with penetration testing for Android devices
-
Advanced Poll 6.x versions โ XSS Vulnerability
Disclosing a Cross-site Scripting vulnerability in the Advanced Poll module for Drupal.
-
daloRADIUS operators handling change
RBAC, ACLs, operators, groups, and other access control related changes in daloRADIUS
-
nessus3 install issue on ubuntu
how to fix Nessus3 and its missing dependency
-
MythEmail Plugin
MythEmail plugin for the glorious MythTV all-around streamer and home media entertainment system