Loading…
June 14-15, 2026
Mumbai, India
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for MCP Dev Summit Mumbai to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration..

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
Company: Intermediate clear filter
arrow_back View All Dates
Sunday, June 14
 

10:00am IST

Workshop: Building scalable, edge-native, production-grade MCP tools with RUST - Rajesh Sola, KPIT
Sunday June 14, 2026 10:00am - 11:00am IST
Lotus 3
The emergence of the Model Context Protocol is transforming how AI agents interact with tools, data, and real-world systems. However, most early MCP implementations rely on high-level runtimes that are not well-suited for embedded and resource-constrained edge environments. This session explores how RUST enables a new class of high-performance, memory-safe MCP servers designed specifically for Embedded Linux–powered edge devices.

In this tutorial, I'll walk through building a lightweight MCP server, bridging physical data sources into LLM-readable formats, enabling intelligent agents to reason over live edge data using Rust.

- Why MCP for Edge AI Systems?
- Why RUST?
- Building simple server using rmcp and testing with a client
- Bridging physical word e.g. Sensors, Telemetry, File Systems and structuring LLM-readable context, data pipelines
- High-performance Edge MCP Runtime - Async & Concurrency Models for scalable communication (MQTT, HTTP, gRPC etc.)
- Observability, tracing & Debugging
- Bring MCP in Agent loop, Using Rig for orchestration
- Deploying to target board, cross compilation steps
- Case Study: Building an Edge MCP Agent, e.g. Telemetry and Diagnostics
Speakers
avatar for Rajesh Sola

Rajesh Sola

Education Architect, KPIT Technologies Ltd
Rajesh is working as a Deputy Director at GITAM University's Centre for Academic Innovation and Advancement (CAIA). He is currently responsible for orienting Faculty and providing technical solutions to meet the industry expectations.

He has 20 years of experience with core focus on Embedded Systems, Linux, IOT, Open-Source solutions. He is the guest author for Open Source for You Magazine and renown speaker for many embedded, open-source conferences. He loves teaching, Linux & open source... Read More →
Sunday June 14, 2026 10:00am - 11:00am IST
Lotus 3
  Building with MCP

10:00am IST

Workshop: Enabling MCP at Enterprise Scale: Navigating Authentication and Governance Challenges - Shannon Williams & Chris Urwin, Obot AI
Sunday June 14, 2026 10:00am - 11:00am IST
Lotus 2
**Space Limited - First Come, First Served.  Please bring a fully charged laptop to the workshop**

Enterprise adoption of the Model Context Protocol is accelerating — but the path from "MCP works on my laptop" to "MCP running securely across our organization" is windy and challenging.
Building MCP servers isn't particularly hard. The real challenges are OAuth, identity sprawl, and the governance requirements your security team will eventually land on your desk.
MCP servers should focus on tools, resources, and prompts — not rebuilding OAuth infrastructure from scratch every time. A dedicated identity and governance control plane absorbs that complexity once, rather than forcing every server to solve it independently.
In this workshop, we will:
1. Demonstrate how to integrated MCP servers with identity management tools
2. Show how to tailor MCP authorization by groups and policies.
3. Work through real governance scenarios by filtering MCP calls for PII or code injection.
4. Demonstrate how MCP traffic can be captured via an MCP gateway and used for compliance, monitoring and observability.

You'll leave with a clear picture of the architectural decisions ahead of you, and a better sense of what your security team is going to ask for before they sign off on scaling MCP adoption.
Speakers
avatar for Chris Urwin

Chris Urwin

VP of Field Engineering, Obot AI
Chris Urwin is VP of Field Engineering at Obot AI and a veteran engineering leader. With deep hands-on experience in cloud‑native platforms, Kubernetes, containers, CI/CD, and developer tooling, he builds and scales global technical teams. Chris bridges product, engineering, and... Read More →
avatar for Shannon Williams

Shannon Williams

President, Obot AI
I am the President and co-founder of Obot AI, and have been building open source software for the last 20 years. Prior to starting Obot, I co-founded Cloud.com (creator of CloudStack) and Rancher Labs (creator of Rancher, k3s, Longhorn, etc). I was a board member of the CNCF for 4... Read More →
Sunday June 14, 2026 10:00am - 11:00am IST
Lotus 2
  Enterprise Adoption + Integration

3:20pm IST

Building Rich AI-Native UI for Agentic Interactions Using MCP Apps - Ashita Prasad, AWS
Sunday June 14, 2026 3:20pm - 3:45pm IST
Lotus 1
AI Agents are getting smarter with each passing day. But, their interfaces? Not so much.

But, what if there is a way to turn the AI chat from a place where you converse into a place where you can actually work?

MCP Apps offer a solution to go beyond the text and standardize how MCP servers can deliver rich, bidirectional UI components like dashboards, forms, interactive visualizations & more. These components are rendered securely and natively within AI hosts, enabling agents to interact with users via rich interactive interfaces.

In this session, attendees will learn:
- Core architectural patterns from real MCP Apps development
- How to handle sandboxed host–server communication, manage state synchronization, stream real-time updates, handle async tasks, & add multiplayer collaboration
- How to leverage context and persist memory across conversations
- How to avoid some common pitfalls and utilize debugging workflows and tools
- How to add authentication & deploy a remote MCP Server providing MCP Apps

We will walk through a complete, production-style Sales Analytics MCP Apps and perform a code deep-dive to showcase the effective foundational patterns while building MCP Apps.
Speakers
avatar for Ashita Prasad

Ashita Prasad

SDE / Developer Advocate, AWS
Ashita works as a developer advocate at AWS with a strong focus on frontend and AI technologies. With 10+ years of experience in full stack development, she is passionate about building impactful products and equally loves empowering & engaging with fellow developers in the commu... Read More →
Sunday June 14, 2026 3:20pm - 3:45pm IST
Lotus 1
  Building with MCP

3:20pm IST

Who's Calling? Bringing Identity To the MCP Host - Ayesha Dissanayaka, WSO2
Sunday June 14, 2026 3:20pm - 3:45pm IST
Lotus 3
The MCP authorization spec gives us a clean OAuth 2.1 story between clients and servers. What it leaves out of scope is the host itself, the AI agent orchestrating the conversation. That's where enterprise deployments quietly break.

An MCP host is not a passive pipe. It accepts requests from users, services, and peer agents, reasons with LLMs, and invokes tools across many servers. Every edge is an identity boundary. Without a first-class host identity, no stable credentials, no verifiable delegation, no independent audit trail, every downstream decision inherits that ambiguity. Who made this tool call? The user? The agent on their behalf? The agent autonomously? Most deployments cannot answer, so they cannot enforce least privilege or satisfy audit.

This talk treats the MCP host as a first-class identity through four disciplines: Administer (lifecycle, credentials), Authenticate (how a host proves itself), Authorize (delegation vs. impersonation, token exchange, actor claims), and Audit (trails that separate agent action from user intent). For each, we'll show what the spec covers, where the gap sits, and which extensions and emerging patterns are converging to close it.
Speakers
avatar for Ayesha Dissanayaka

Ayesha Dissanayaka

Associate Director / Architect, WSO2
Ayesha is Lead Architect for Identity and Access Management for Agentic AI at WSO2, specializing in securing autonomous AI systems. With over a decade in enterprise IAM, she architects identity solutions for AI agents, bridging traditional frameworks with emerging AI security needs... Read More →
Sunday June 14, 2026 3:20pm - 3:45pm IST
Lotus 3
  Security, Identity + Trust

3:45pm IST

Agentless Agents: Replacing Sidecar Observability With eBPF + MCP Tool Chains - Harini Anand, IBM
Sunday June 14, 2026 3:45pm - 4:10pm IST
Lotus 2
The dominant observability pattern for AI agents today is layered agents: sidecars, daemon sets, exporters. Each adds blast radius.

This talk proposes flipping the model, using eBPF for zero-agent kernel telemetry, exposing it via MCP, and letting the LLM itself do the orchestration across tool calls.

I'll demo a concrete multi-tool MCP interaction: an LLM receives "why is this service slow?", autonomously calls get_recent_process_execs, correlates with get_active_connections, and follows up with get_high_syscall_latency, forming a causal chain from kernel truth to natural language diagnosis. No pre-scripted runbook. No human in the loop.

The talk goes deep on failure modes specific to this architecture: tool-call loops triggered by ambiguous latency signals, hallucination risk when eBPF data is sparse, and retry/fallback strategies when kernel probes detach under load.

We'll also cover how to design MCP tool responses that constrain LLM reasoning toward actionable conclusions, not just open-ended exploration.

Attendees leave understanding how to architect kernel-aware agentic systems that are genuinely production-safe.
Speakers
avatar for Harini Anand

Harini Anand

SDE in Data & AI, IBM
SDE at IBM Data & AI, working on IBM watsonx™. Software Engineering Researcher at UIUC. Computational Cognition Researcher at Georgia Institute of Technology. Biomedical XAI Researcher at Dartmouth College.
Formerly at Niramai & IIT Hyderabad, researching ML for breast cancer and gene regulatory networks. Built cognitive tools for dementia prevention as a student entrepreneur. Google KaggleX Mentee, AWS Scholar, Harvard WE Tech Fellow, Oxford & MIT Summer School alumna and a Stanford... Read More →
Sunday June 14, 2026 3:45pm - 4:10pm IST
Lotus 2
  Agent Architecture + Orchestration

3:45pm IST

Building an Enterprise MCP Registry: Secure Discovery, Governance, and Reuse at Scale - Kushagra Mittal, Motorola Solutions & Dhruv Agarwal, Motorrola Solutions
Sunday June 14, 2026 3:45pm - 4:10pm IST
Lotus 3
As enterprises scale AI operations to support hundreds of agents and thousands of users, they inevitably hit an architectural wall. The friction points fall into three categories: visibility, control, and reuse. Teams struggle to discover existing agents and MCP servers across a large organization, platform teams need to govern publication and enforce security, and siloed groups waste time rebuilding capabilities that already exist. Without a centralized registry, agent sprawl grows, compliance risk increases, and critical knowledge stays trapped in local teams. In this session, we will share how the Motorola Solutions Platform Engineering team addressed this bottleneck by building a shared discovery and governance layer for internal AI resources. We will unpack the patterns behind our internal MCP catalog, including agent and prompt versioning, team-based visibility controls, approval workflows, and automated security scanning before resources are broadly shared. We focus on what broke early, and what won trust first. Attendees will leave with a practical, vendor-agnostic blueprint for making MCP resources easier to discover, safer to publish, and more reusable at enterprise scale
Speakers
avatar for Kushagra Mittal

Kushagra Mittal

Software Engineer, Motorola Solutions
Passionate software engineer based in Bangalore, India. Currently a part of team where we lead the effort in AI R&D for the organization.
avatar for Dhruv Agarwal

Dhruv Agarwal

Software Engineer, Motorrola Solutions
Innovative Software Engineer at Motorola Solutions R&D, focused on the future of AI and digital authenticity. Expertly navigating the frontier of MCP, A2A, and C2PA to deliver secure, scalable, and durable software at industry-leading speeds. REVA University Alumnus (9.03 CGPA) with... Read More →
Sunday June 14, 2026 3:45pm - 4:10pm IST
Lotus 3
  Ecosystem, Registries + Platform Infrastructure

3:45pm IST

The MCP Trust Gap: I Tested 65 MCP Servers Across 4 Directories — Here's What Nobody Measures - Manav Agarwal, AgentProof
Sunday June 14, 2026 3:45pm - 4:10pm IST
Lotus 1
56,000+ MCP servers are listed across mcp.so, Smithery, Glama, and PulseMCP. But how do you know which ones actually work?

I independently mapped 4 major MCP directories and tested 65+ servers across Research, Code, and Finance categories. The results expose a critical trust gap.

Each directory measures something different — none measure what matters most:
- mcp.so (19.5K servers): Zero quality signals
- Smithery (4.4K): Tracks uptime, not output quality
- Glama (21K): Grades code quality, not correctness
- PulseMCP (11K): Tracks popularity only

Key findings I'll share:

1. Quality collapse at scale — Developer Tools has 8,800 servers but only ~12 are consistently good (0.1% quality rate)

2. The Finance/Payments desert — 74 Finance servers out of 19,557 (0.4%). Fewer than 8 support agent-to-agent payments across 14 protocols I analyzed

3. A practical framework for MCP server trust — beyond code grades to actual output quality assessment

This is independent research, not a product pitch. Full dataset and methodology shared openly.

Attendees leave with the first cross-directory quality analysis of the MCP ecosystem and a framework for evaluating servers.
Speakers
avatar for Manav Agarwal

Manav Agarwal

Founder & Independent Researcher, AgentProof
Creator of AgentProof, an independent benchmarking and trust analysis project for AI agents. Mapped 10 agent directories containing 1.24M+ listings, deep-dived 3 agent categories, and health-checked 65+ MCP servers. Previously analyzed 14 agentic payment protocols (x402, Stripe ACP... Read More →
Sunday June 14, 2026 3:45pm - 4:10pm IST
Lotus 1
  Security, Identity + Trust

4:10pm IST

The Handoff Hallucination: Why Agents Skip Steps and How To Catch It - Ujjwal Kumar Singh, Skeps
Sunday June 14, 2026 4:10pm - 4:35pm IST
Lotus 2
In multi-step agent workflows, correctness isn't just about what the system returns, it's about how it got there.
An agent can claim "approval verified" without actually calling the approval service. The response looks valid, logs appear complete, and schema checks pass yet a critical step was skipped. This is process hallucination.
In financial and compliance workflows, skipping a required step isn't a bug, it's a violation.
Current testing approaches focus on outputs, not execution paths. As a result, these failures remain invisible until they cause real damage.
This talk introduces a Step Verification Layer, a deterministic check that validates whether required actions were actually executed, not just claimed.
By defining allowed sequences of actions and verifying execution against them, teams can detect skipped steps, invalid transitions, and silent process failures before they reach production.
A valid execution trace is not the same as a correct one. This talk is about verifying the difference.
Speakers
avatar for Ujjwal Kumar Singh

Ujjwal Kumar Singh

Software Development Engineer in Test, Skeps
Ujjwal Kumar Singh is a Software Tester who focuses on exploring software quality beyond traditional test cases and automation. His work centers on understanding how testing practices interact with engineering workflows, contributor collaboration, and project governance. He is particularly... Read More →
Sunday June 14, 2026 4:10pm - 4:35pm IST
Lotus 2
  Agent Architecture + Orchestration

4:10pm IST

OAuth Isn't Enough: Confused Deputy in Multi-Agent MCP Pipeline - Sankalp Sandeep Paranjpe, Big4 Consulting Firm; Vishal Alhat, AWS
Sunday June 14, 2026 4:10pm - 4:35pm IST
Lotus 1
OAuth-based authentication is becoming the default foundation for MCP-enabled systems. However, while authentication is standardized, authorization across agent boundaries remains unresolved.

In multi-agent MCP pipelines, orchestrators delegate tasks to sub-agents that act using the user’s authority. This creates a classic confused deputy problem: a sub-agent executes with valid credentials, but under the influence of untrusted inputs such as prompt injections or malicious tool manifests. As a result, it can access or exfiltrate data beyond the user’s original intent.

This talk demonstrates how privilege propagation, not authentication failure, is the core risk.

I will present a three-layer enforcement model:

1) Token attenuation using RFC 8693 to restrict sub-agent privileges at delegation time
2) Policy enforcement using Open Policy Agent to treat every tool call as untrusted input
3) Structured audit trails to ensure post-incident analysis

Live demo: the same MCP pipeline executed twice, first with default delegation (resulting in silent data exfiltration via prompt injection), and then with all three controls applied, where the attack is blocked, logged, and auditable.
Speakers
avatar for Vishal Alhat

Vishal Alhat

Developer Advocate, AWS

Vishal Alhat is a Developer Advocate at Amazon Web Services (AWS) and a former AWS Hero, recognized for his significant contributions to the AWS community. With 11+ years of experience in cloud technologies, Vishal specializes in DevOps, cloud security, and AI/ML.As an active community... Read More →
avatar for Sankalp Sandeep Paranjpe

Sankalp Sandeep Paranjpe

Cloud Security Consultant, '-
Sankalp Sandeep Paranjpe is a DevSecOps Engineer and cloud security practitioner. He speaks at community and security events on practical DevSecOps and Kubernetes security topics. He volunteers with AWS User Group Pune and contributes to the cloud-native community through talks, workshops... Read More →
Sunday June 14, 2026 4:10pm - 4:35pm IST
Lotus 1
  Security, Identity + Trust

4:10pm IST

Operationalizing MCP: Security, Control Planes, and Risk Governance - Sagar Dashora, JPMorgan Chase & Co
Sunday June 14, 2026 4:10pm - 4:35pm IST
Lotus 3
As the Model Context Protocol (MCP) emerges as a standard interface for connecting models, agents, and tools, organizations are exploring MCP servers while also evaluating the operational and security implications of adopting them at scale. This session proposes the solutions and guardrails to address the common security issues such as lethal trifecta, tool poisoning and access misuse.

The talk will outline how MCP registry, control planes, secure gateways and trust boundaries a work together to enable risk governance, security, and operational reliability across agent and MCP ecosystems.

While examples may reference specific approaches, the session remains implementation-neutral and focuses on how these controls collectively establish a safe and scalable MCP environment. Attendees will gain a holistic understanding of how layered controls can address the security concerns and operational risks associated with MCP servers, helping organizations move toward trusted, scalable MCP ecosystems.
Speakers
avatar for Sagar Dashora

Sagar Dashora

Senior Vice President, JPMorgan Chase & Co
Technology lead with 17yrs experience in large enterprise-grade software applications, specializing in financial services domain. Design architect and lead for developing firmwide MCP and Agentic frameworks in JPMorgan Chase. Active contributor to the Agentic AI Foundation(AAIF) working... Read More →
Sunday June 14, 2026 4:10pm - 4:35pm IST
Lotus 3
  Security, Identity + Trust

5:15pm IST

The State Sidecar: Solving the MCP Stateless Paradox - Joval Kuruvila, Caze Labs Private Limited & Advaith Sanil Kumar, Caze Labs
Sunday June 14, 2026 5:15pm - 5:40pm IST
Lotus 1
There is a fundamental contradiction at the heart of production deployments for the Model Context Protocol (MCP). Conceptually, MCP sessions are stateful: they establish connections, negotiate capabilities, and persist context. However, modern deployment environments—like Kubernetes horizontal scaling, serverless functions, and AWS Bedrock AgentCore—are inherently stateless.

The current ecosystem advice is simply to "externalize your state," but there is no standardized infrastructure for doing this natively within MCP. Developers are forced to build ad hoc memory management using custom Redis wrappers or brittle in-memory dictionaries.

This session introduces the State Sidecar pattern: a dedicated MCP server whose sole responsibility is to store, manage, and retrieve agent workflow state. Instead of building custom database connectors, any agent can call the sidecar via standard MCP tool calls to persist intermediate results, track task progress, and maintain context summaries.
Speakers
avatar for Joval Kuruvila

Joval Kuruvila

Software Engineer, Caze Labs Private Limited
Joval Kuruvila is a Bengaluru-based AI/LLM Engineer with 2 years of experience building production-grade GenAI systems. Currently at Caze Labs Pvt Ltd, he specializes in agentic workflows (LangGraph), RAG pipelines, and real-time conversational AI. A B.Tech graduate, open-source contributor... Read More →
avatar for Advaith Sanil Kumar

Advaith Sanil Kumar

AI Intern, Caze Labs | Student, PES University and IIT-Madras, Caze Labs Private Limited
Advaith Sanil Kumar is an AI researcher and developer focused on building intelligent, context-aware systems. Currently an AI Intern at Caze Labs and contributor to open-source MCP ecosystem efforts under the Linux Foundation, he works on LLM testbeds, agentic systems, and prompt... Read More →
Sunday June 14, 2026 5:15pm - 5:40pm IST
Lotus 1
  Agent Architecture + Orchestration

5:15pm IST

Scaling AI: gRPC as Transport Backbone for Enterprise MCP - Pawan Bhardwaj, Google
Sunday June 14, 2026 5:15pm - 5:40pm IST
Lotus 2
The Model Context Protocol (MCP) is rapidly becoming the standard for connecting LLMs to data sources and tools. However, as organizations move from local experimentation to global production, the default JSON-RPC over HTTP transport hits a "scale ceiling."

gRPC is already establish as a go to library for transport for enterprise services as it provide high throughput and better performance using protobuf and HTTP/2. gRPC has Service Mesh Integration, Observability, Enterprise security and many more features, which can be leveraged by the MCP Server and Clients.

This session show case a demo of using MCP with gRPC transport.
Speakers
avatar for Pawan Bhardwaj

Pawan Bhardwaj

Senior Software Engineer, Google
As a senior software engineer specializing in gRPC within Google's open source team, my focus lies in enhancing the performance and usability of networking systems for applications. My previous experience includes working with Cumulus Linux and Cisco NxOS on network forwarding pl... Read More →
Sunday June 14, 2026 5:15pm - 5:40pm IST
Lotus 2
  MCP Protocol in Depth

5:40pm IST

Orchestrating Agent Swarms With MCP, Sandboxing and Shared Filesystems - Vikram Vaswani, Developer Advocate
Sunday June 14, 2026 5:40pm - 6:05pm IST
Lotus 3
Single agents calling MCP tools is a solved problem. Multi-agent swarms, where several agents coordinate on the same task, isn't.

The moment you go from one agent to three, you hit a set of problems that MCP itself doesn't solve and that most orchestration frameworks only paper over: how do agents share state without drowning each other in JSON, how do you isolate their execution when they're all touching the same files, and how does one agent pick up where another left off?

This talk walks through those three problems using a concrete example: a code review swarm. Three specialized reviewer agents (style, security, test coverage) work on the same PR in parallel. A fourth, a developer agent, reads their findings and applies the fixes. Each agent runs in its own isolated sandbox. They collaborate through a shared filesystem rather than by passing context in prompts.

This is a technical deep dive covering:
- why traditional file storage mechanisms are not optimized for agentic workloads
- why shared workspaces are better than passing state through prompts or RAG lookups
- why isolation boundaries are important when agents execute code

Includes live demo of swarm.
Speakers
avatar for Vikram Vaswani

Vikram Vaswani

Developer Advocate, Self Employed - Consultant
Vikram Vaswani is a developer advocate, open source consultant, and technical author with 20+ years of experience helping teams adopt and scale open source technologies. He is the author of seven books published by McGraw-Hill and Pearson, with translations in multiple languages... Read More →
Sunday June 14, 2026 5:40pm - 6:05pm IST
Lotus 3
  Agent Architecture + Orchestration

5:40pm IST

Building Autonomous Mobile Agents With MCP - Srinivasan Sekar & Sai Krishna, TestMu AI
Sunday June 14, 2026 5:40pm - 6:05pm IST
Lotus 1
Most developers encounter MCP as a way to give chat assistants better tools. This talk blows that ceiling off.
Using two open-source projects, Appium MCP and AppClaw, we'll show how MCP becomes the backbone of a fully autonomous agent that controls real Android and iOS devices without a human in the loop. The agent perceives a live UI tree, reasons about what to do next, calls MCP tools to act, observes the result, and loops handling stuck states, recovering from failures, and decomposing multi-app goals on its own.
We'll go deep on the architecture decisions that make this work in production: how dynamic tool discovery lets the agent adapt to new capabilities at runtime without code changes; how parsing raw UiAutomator2/XCUITest XML into compact representations makes mobile UI fit inside an LLM context window; why dual vision (DOM-first with screenshot fallback) beats either strategy alone; and how stuck detection transforms a fragile demo into a reliable engineering tool.
Attendees will leave with a concrete mental model for building agentic systems on MCP and an understanding of why the protocol matters far beyond tool-calling alone.
https://github.com/appium/appium-mcp
Speakers
avatar for Srinivasan Sekar

Srinivasan Sekar

Director of Engineering, TestMu AI
Srinivasan Sekar is the Director of Engineering at TestMu AI (formerly LambdaTest). He is the author of "The MCP Standard" and has a strong passion for contributing to open source projects. As an Appium Member, he has contributed to several open-source repositories, including Selenium... Read More →
avatar for Sai Krishna

Sai Krishna

Director of Engineering, TestMu AI
I am a Director of Engineering at LambdaTest with a decade of experience in testing mobile applications and building automation frameworks. As an active contributor to Appium and a member of the Appium organization, I am deeply involved in the open-source community. I am passionate... Read More →
Sunday June 14, 2026 5:40pm - 6:05pm IST
Lotus 1
  Building with MCP

5:40pm IST

Rethinking Agent–Database Access: A Secure Approach With MCP Toolbox - Shivay Lamba, Qualcomm & Anushka Saxena, Google
Sunday June 14, 2026 5:40pm - 6:05pm IST
Lotus 2
Securely database connections in MCP based Agentic applications has become a critical challenge. Traditional approaches for connectivity introduce risks such as prompt injection, over-permissioned access, and lack of observability.

This talk introduces the Model Context Protocol (MCP) Toolbox for Databases, an open-source framework that standardizes how AI agents interact with data systems. By treating database access as a structured, reusable, and secure set of tools, developers can enable agents to perform meaningful operations while maintaining strict control over data exposure. Toolbox secures your agentic workflows for resources or tool executions
by acting as an OAuth 2.1 Resource Server that validates JWT Bearer tokens from your OIDC provider.

Through a real-world case study, we will demonstrate how to build an intelligent agent that combines semantic vector search with transactional workflows like inventory updates and cart management, all powered through a unified MCP configuration.

So join us to learn how MCP enables scalable, high-performance agentic architectures using efficient connection pooling, without compromising on security, observability, or control.
Speakers
avatar for Shivay Lamba

Shivay Lamba

Senior ML Engineer, Qualcomm
Shivay Lamba is a software developer specializing in DevOps, Machine Learning and Full Stack Development.

He is an Open Source Enthusiast and has been part of various programs like Google Code In and Google Summer of Code as a Mentor and is currently a MLH Fellow. He has also worked at organizations like Amazon, EY, Genpact. He is a Tensorflow.JS SIG member and community lead from In... Read More →
avatar for Anushka Saxena

Anushka Saxena

Software Application Development Apprentice, Google
I'm a passionate advocate for cloud-native technologies and an active contributor to the CNCF community. Currently I'm working as a Software Application Development Appprentice at Google (GCP Databases, MCP Toolbox) and I'm a LFX mentee in the CloudNativePG project. I was a participant... Read More →
Sunday June 14, 2026 5:40pm - 6:05pm IST
Lotus 2
  Enterprise Adoption + Integration

6:05pm IST

Zero-Trust Execution: Sandboxing MCP Data Agents With WebAssembly - Shuva Jyoti Kar, Palo Alto Networks
Sunday June 14, 2026 6:05pm - 6:30pm IST
Lotus 3
The Model Context Protocol (MCP) standardizes context retrieval and tool execution, but granting LLMs access to dynamic execution environments introduces critical runtime vulnerabilities. Traditional containerization (e.g., Docker/containerd) introduces unacceptable latency overhead for sub-second agentic loops, while static IAM/RBAC models fundamentally fail to constrain non-deterministic generated code.

This technical session details the architectural implementation of embedding a WebAssembly (WASM) runtime within an MCP server to enforce a strict, capability-based execution boundary. We will deconstruct how to compile MCP tools to WASM modules and utilize the WebAssembly System Interface (WASI) to ensure that any logic invoked by an LLM is isolated from the host operating system.
Speakers
avatar for SHUVA JYOTI KAR

SHUVA JYOTI KAR

Senior Principal Engineer, Palo Alto Networks
Shuva is a Senior Principal Engineer at Palo Alto Networks architecting secure enterprise AI platforms. He is authoring two upcoming books: Engineering the Data Agent Control Plane (O'Reilly) and Agent Skills in Action (Manning). An open-source contributor and former OpenDaylight... Read More →
Sunday June 14, 2026 6:05pm - 6:30pm IST
Lotus 3
  Security, Identity + Trust
 
  • Filter By Date
    Jun 14 - 15, 2026
  • Filter By Venue
    Bengaluru, Karnataka, India
    All
    Lotus 1
    Lotus 2
    Lotus 3
    Lotus Concourse
  • Filter By Type
    Agent Architecture + Orchestration
    Building with MCP
    Ecosystem, Registries + Platform Infrastructure
    Enterprise Adoption + Integration
    Keynote
    MCP Protocol in Depth
    Meals + Breaks + Special Events
    Registration
    Security, Identity + Trust
  • Audience Experience Level
    Advanced
    Any
    Beginner
    Intermediate
  • Timezone

Get help with the event

Contact event planner Event login
View support guides Find upcoming events
Create an event you'd love to attend!
Explore why organizers choose Sched Success stories
Event App Event scheduling Event registration Event ticketing Sched forms Call for papers Badges Conferences
© 2026. SCHED LLC - All rights reserved - Helping events since 2008
Conference Scheduling App Privacy Terms
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Filtered by Date - 
Clear filter
Sunday, June 14
Monday, June 15
Lotus 1
Lotus 2
Lotus 3
Lotus Concourse
  • Agent Architecture + Orchestration
  • Building with MCP
  • Ecosystem, Registries + Platform Infrastructure
  • Enterprise Adoption + Integration
  • Keynote
  • MCP Protocol in Depth
  • Meals + Breaks + Special Events
  • Registration
  • Security, Identity + Trust
  • Audience Experience Level
  • Advanced
  • Any
  • Beginner
  • Intermediate