Loading…
June 14-15, 2026
Mumbai, India
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for MCP Dev Summit Mumbai to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration..

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
Company: Intermediate clear filter
arrow_back View All Dates
Monday, June 15
 

11:30am IST

The Invincible MCP Server: Building Crash-Proof AI Tools With Durable Execution - Shubham Londhe, Temporal
Monday June 15, 2026 11:30am - 11:55am IST
Lotus 3
We All have been building AI Agents with MCP since it launched in 2024, but there's one thing no one is talking about - "What happens when MCP Fails? (and they fail often). MCP is just a process and it can crash, and so will the AI agent progress, it all can vanish with a crash.

Well, the new Tasks primitive in MCP (SEP-1686) helps a lot, it gives your AI agents a way to hand off long-running tools, but it doesn't solve the real problem. They don't maintain the state when the server crashes.

In this session, I'll do a live demo of a Kubernetes Auto Healing AI Agent with MCP server and walk through how to wrap MCP tool logic in workflows that survive crashes, restarts, and network failures.
I'll cover how to handle human-in-the-loop approvals inside long-running tools, how to retries and state-management, and how to observe what your MCP tools are doing in production.

I'll be breaking a running server on stage and show you the agent recovering without losing a step. Hence "The Invincible MCP Server"
Speakers
avatar for Shubham Londhe

Shubham Londhe

Senior Developer Advocate, Temporal
Hello Dosto, I am Shubham Londhe, a Senior Developer Advocate, passionate about developing and deploying production-ready applications.

Its been more than 9+ years in the IT industry and having worked with AWS, Temporal, gave me a lens of how Production-readiness works.

I take this experience and share it with learners across India through my YouTube channel "TrainWithShubham" with over 175000 subscribers. Happy Learning... Read More →
Monday June 15, 2026 11:30am - 11:55am IST
Lotus 3
  Building with MCP

11:30am IST

Why Most MCP Tools Fail Silently, and How To Measure It - Om Shree, Shreesozo
Monday June 15, 2026 11:30am - 11:55am IST
Lotus 2
Most MCP servers don't break because of bugs. They break because the tool descriptions are too vague for agents to reliably pick the right tool.
Two research papers put numbers to this. A SAIL Research study of 856 tools across 103 MCP servers found 97% have at least one quality defect, 56% don't clearly state what the tool does, 89% give no guidance on when not to use it. A second study of 10,831 servers found that well-written descriptions get selected 260% more often, and fixing them raises task success rates by roughly 6 points.
Working with the Glama founder, I helped develop the Tool Definition Quality Score (TDQS) - an open source framework that scores every MCP tool across six dimensions: Purpose Clarity, Usage Guidelines, Behavioral Transparency, Parameter Semantics, Conciseness, and Contextual Completeness. Each tool gets a 1–5 per dimension with specific feedback on what's missing and why it matters.
This talk covers how TDQS was built, what scoring thousands of real servers revealed, and how server authors can use it to ship tools agents actually invoke correctly. The framework is open source and already live across Glama-hosted servers.
Speakers
avatar for Om Shree

Om Shree

Founder, MCP Consultant & Content Strategist, Shreesozo
I'm the founder of Shreesozo, an AI content studio focused on MCP and agentic AI. I've written 100+ technical pieces for Glama.ai and Gentoro, covering everything from protocol internals to real-world agent deployments. I run MCP Weekly, published on YouTube (1.2K subscribers) and... Read More →
Monday June 15, 2026 11:30am - 11:55am IST
Lotus 2
  MCP Protocol in Depth

11:55am IST

From Shadow MCP To Sanctioned MCP: Building an Enterprise Agent Governance Program - Navin Pai, StackGen & Archana Rajkumar, SentinelOne
Monday June 15, 2026 11:55am - 12:20pm IST
Lotus 3
MCP has become the de-facto "standard" for exposing the external environment to agents, but security has always been a trailing concern, making a lot of platform teams sweat under the collar. Policy checks and tool-call authentication were tacked on quickly, but are quickly being seen are necessary but not sufficient. This session zooms out from single-agent enforcement to the operational challenge security and platform teams actually face in 2026: dozens of agents, hundreds of MCP server connections, multiple clouds, rogue tool registrations, and no centralized visibility into what's running.

This session presents a multi-stage maturity model for enterprise MCP governance, to help take practitioners from "we have no idea what's running" to "every tool call is governed, audited, and compliant with internal policies", and shows how to build the program incrementally, without boiling the ocean in the process and slowing down developer velocity.
Speakers
avatar for Navin Pai

Navin Pai

Director of Engineering, StackGen
Navin is a Founding Engineer at OpsVerse. You'll often find him on the internet, getting into flamewars about observability, large scale system design, and open source software
avatar for Archana Rajkumar

Archana Rajkumar

Staff Software Engineer, SentinelOne
I am a Staff Software Engineer at SentinenOne, and enjoy working at the intersection of AI, CyberSecurity and DevOps
Monday June 15, 2026 11:55am - 12:20pm IST
Lotus 3
  Security, Identity + Trust

12:20pm IST

Beyond 1:1 Mapping: Designing MCP for Real Enterprise Systems - Naresh Waswani, Simpplr Inc. & Jyoti Notani, Persistent Systems Ltd
Monday June 15, 2026 12:20pm - 12:45pm IST
Lotus 2
Many organizations exploring MCP already operate large microservice ecosystems. A common first instinct is to mirror that architecture directly—one microservice becomes one MCP server, and each API becomes a tool. While simple in theory, this often creates too many servers, overlapping tools, poor discoverability, and unnecessary operational complexity.

This session explores how to design MCP boundaries for real enterprise environments instead of copying existing service boundaries. I’ll walk through practical patterns for grouping capabilities, aggregating multiple services behind task-oriented tools, and exposing interfaces optimized for agents rather than internal architecture diagrams.

We’ll also cover how different agents can safely consume shared MCP services, along with key considerations such as ownership, versioning, permissions, observability, and scaling MCP across many teams.

A short demo will show how a well-designed MCP layer can simplify complex multi-service workflows.

If your organization already has dozens or hundreds of services, this session will help you adopt MCP intentionally - without repeating old patterns in a new protocol.
Speakers
avatar for Naresh Waswani

Naresh Waswani

Senior Architect, Simpplr Inc.
Hands-on architect specializing in resilient distributed systems, microservices, event-driven architecture, and cloud-native modernization. AWS User Group Nagpur Leader and 6+ year AWS Community Builder, active in speaking, mentoring, and community building. My recent focus is Generative... Read More →
avatar for Jyoti Notani

Jyoti Notani

Architect, Persistent Systems Ltd
Seasoned professional with experience on working with Microservices,Devops and SRE
Monday June 15, 2026 12:20pm - 12:45pm IST
Lotus 2
  Enterprise Adoption + Integration

12:20pm IST

Your AI Chatbot Just Exposed Your CEO’s Salary To an Intern: Securing Enterprise AI Agents - Hasini Samarathunga & Sahan Dilshan, WSO2
Monday June 15, 2026 12:20pm - 12:45pm IST
Lotus 3
Have you ever worried that your new AI Agent might be a little too helpful? Imagine an intern asking an HR chatbot, "What is the CEO's salary?" and the bot, designed to be helpful, promptly fetches it.

As we equip LLMs with tools via the MCP to query internal systems, we introduce a significant data privacy risk if the agent cannot distinguish who is making the request.

In this session, we’ll explore the critical intersection of IAM and AI agents. You’ll see how to implement fine-grained access control and “on-behalf-of” user execution in MCP servers. By securely propagating user context, an agent ensures that when the CEO queries salary data, the data is delivered, but when an intern makes the same request, the system restricts it.

We’ll also dive into the “Human-in-the-Loop” (HITL) pattern, a safeguard that pauses high-risk actions for explicit human approval. You’ll learn how to design secure-by-default MCP architectures using standard authentication flows, zero-trust permissioning, and HITL workflows to keep your AI agents aligned, controlled, and trustworthy.
Speakers
avatar for Hasini Samarathunga

Hasini Samarathunga

Senior Software Engineer, WSO2
Hasini Samarathunga is a Senior Software Engineer at WSO2, with 3+ years of experience specializing in IAM and B2B domains. She is currently working on building B2B capabilities for MCP servers and introducing Agent-as-a-Service within WSO2 Identity Server.

She believes great tech talks should cut through the buzzwords and make complex ideas accessible, ensuring everyone, regardless of experience level, can walk away having learned something useful... Read More →
avatar for Sahan Dilshan

Sahan Dilshan

Associate Tech Lead, WSO2
Sahan Dilshan is an Associate Tech Lead at WSO2, where he has spent the past five years designing and building identity and access management features. His current focus sits at the intersection of two complementary areas: IAM for AI securing agentic systems with proper identity... Read More →
Monday June 15, 2026 12:20pm - 12:45pm IST
Lotus 3
  Security, Identity + Trust

12:45pm IST

Stateful AI Agents: Building Consistent Systems With MCP and Distributed SQL - Nasiullha Chaudhari, YugabyteDB & Vanshika Jain, Brudite Private Limited
Monday June 15, 2026 12:45pm - 1:10pm IST
Lotus 1
An agent processes a payment, hits a timeout, and retries. Now the payment has been charged twice. The model didn’t hallucinate. The workflow did exactly what it was told. The problem is that nobody designed the agent to be safe under retry.

This is a distributed systems problem.

When agents read data, take actions, and write results back, correctness depends on how state is managed across steps. Under retries or concurrent execution, the same workflow can produce conflicting outcomes.

This talk shows how to build stateful AI agents using the Model Context Protocol with a PostgreSQL-compatible distributed database. Instead of treating memory as embeddings, we treat it as structured, transactional state.

You will learn how to design MCP tools for database operations, manage multi-step workflows, and handle failure modes such as retries and idempotency. We will also explore consistency tradeoffs in distributed systems.

The session ends with concrete patterns for building reliable agents, including idempotent tools and safe retry design.
Speakers
avatar for Nasiullha Chaudhari

Nasiullha Chaudhari

Developer Engagement Manager, YugabyteDB
Nasiullha Chaudhari works as a Developer Engagement Manager at YugabyteDB, focusing on AI systems, distributed databases, and cloud-native architectures. He works on real-world AI agent systems and focuses on what it takes to run them reliably in production.

He is a Docker Captain and an international speaker who has spoken at developer and infrastructure conferences globally. He shares practical insights through his YouTube channel with 180K+ subscribers and with 70K+ followers on LinkedIn... Read More →
avatar for Vanshika Jain

Vanshika Jain

Lead Engineer-Developer Relations, Brudite Private Limited
Software Engineer turned Trainer and Public Speaker. I love talking about Cloud, DevOps, and the power of community to make tech more approachable. Through mentoring, training sessions, and talks, I try to help others grow in their tech journey.
Being in a startup, I didn’t just... Read More →
Monday June 15, 2026 12:45pm - 1:10pm IST
Lotus 1
  Building with MCP

12:45pm IST

Your MCP Server Is an Attacker's Dream: A Security Playbook From Real-World Assessments - Akash Mahajan, KLOUDLE Inc.
Monday June 15, 2026 12:45pm - 1:10pm IST
Lotus 3
MCP servers are quickly becoming the default interface between AI agents and production systems.

This speed has a cost. Most teams shipping MCP servers today are repeating the same security mistakes like overprivileged tool definitions, missing input validation, no transport-layer auth, and blind trust in what the LLM sends downstream.

This talk presents a practical security assessment playbook for MCP servers, built from hands-on penetration testing and security assessments of real MCP deployments.

We'll walk through the three-five most common vulnerability patterns seen in the wild.

- tool poisoning
- permission escalation
- transport misconfiguration
- server-side request forgery through tool arguments

For each vulnerability class, you'll see how the attack works, why it slips past code review, and what the fix looks like in practice.

Attendees will walk away with a repeatable methodology for assessing the security posture of any MCP server before it hits prod. Whether they built it or adopted it.
Speakers
AM
Monday June 15, 2026 12:45pm - 1:10pm IST
Lotus 3
  Security, Identity + Trust

3:50pm IST

Designing Low-Latency MCP Systems for High-Throughput Data Pipelines: Architecture and Bottlenecks, - Partha Sarthy, Applied Materials
Monday June 15, 2026 3:50pm - 4:15pm IST
Lotus 1
MCP simplifies AI-tool integration — but in high-throughput, latency-sensitive pipelines, its performance characteristics can quietly become the bottleneck. Iterative reasoning loops, sequential tool invocations, and context amplification compound in ways that are easy to miss in development and impossible to ignore in production.

This talk presents a structured decomposition of end-to-end MCP latency — reasoning, communication, execution, and coordination — giving engineers a precise framework for identifying where overhead actually lives. We then present targeted optimizations: parallel tool invocation, streaming responses, schema minimization, and intelligent caching.

The core architectural argument: MCP belongs on the control plane. Separating adaptive orchestration from data-plane execution preserves deterministic performance where it matters, while keeping model-driven flexibility where it adds value. A fast path versus intelligent path pattern follows naturally from this separation. A case study comparing naive and optimized pipeline implementations makes the gains concrete.
Speakers
avatar for Partha Sarthy

Partha Sarthy

Software Engineer, Applied Materials
I am a Software Engineer at Applied Materials working in the HPC and AI domain. I have a cumulative experience of close to 8.5 years and have served in companies like HPE, Juniper and Cisco. I am also an active member of IEEE and have presented in Conferences relating to Solid State... Read More →
Monday June 15, 2026 3:50pm - 4:15pm IST
Lotus 1
  Building with MCP

3:50pm IST

MCP Elicitation in the Wild: When Agents Ask for Too Much - Kaiwalya Koparkar, Gravitee.io
Monday June 15, 2026 3:50pm - 4:15pm IST
Lotus 3
Elicitation is one of MCP's most powerful and least governed features. It lets servers request additional input from users at runtime, enabling richer, more dynamic agent interactions. But in production environments, elicitation also opens a surface for agents to request sensitive data they shouldn't need, bypass approval flows, or trigger unintended actions under the guise of a helpful prompt. This session examines elicitation as a runtime governance problem: what it is at the protocol level, where the security boundary sits between server and client, and how to enforce limits on what agents can elicit without neutering the feature entirely. Drawing on real implementation experience, the talk covers policy patterns for elicitation scope control, audit logging of elicitation events, and the UX tradeoffs of locking it down. Attendees will leave with a clear framework for deciding when elicitation is safe, when it needs guardrails, and how to implement those guardrails in a running MCP deployment.
Speakers
avatar for Kaiwalya Koparkar

Kaiwalya Koparkar

Platform Advocate, Gravitee
Monday June 15, 2026 3:50pm - 4:15pm IST
Lotus 3
  Security, Identity + Trust

4:15pm IST

100 Agents in 100 Days: Patterns and Anti-Patterns for MCP-Based Multi-Agent Systems - Harish Kotra, Forge Alumnus
Monday June 15, 2026 4:15pm - 4:40pm IST
Lotus 2
Multi-agent systems on MCP are where most of the interesting architectural questions live: routing, state, retries, coordination, and what happens when any one of N tool calls misbehaves. Most talks on the topic are theoretical. This one is not.

Since early 2026 I've published one new AI agent every day at dailybuild.xyz. Many of them are multi-agent: price-war simulations, research pipelines, a local agent orchestration studio, a recursive research loop, human-in-the-loop travel planners, and a "swarm CFO" with policy-gated spend. Dozens of them plug into MCP servers.

In this session I'll pull out the ten orchestration patterns I now use by default when MCP is in the mix, and the ten I've thrown out. Topics include: why single-agent-with-many-tools usually beats a team of agents until it suddenly doesn't; how to design a router that survives tool-name collisions across multiple MCP servers; state strategies that don't rot; retry and compensation patterns for idempotent vs non-idempotent tools;

Every pattern in the talk is tied to a specific public build with working code, so attendees can go verify, fork, or challenge anything I claim.
Speakers
avatar for Harish Kotra

Harish Kotra

Fractional CTO, Forge Alumnus
Harish is a Fractional CTO and AI agent builder based in India. He previously led Developer Relations at Gaia and spent over a decade at AngelHack organizing 200+ hackathons. Since 2026 he's published one new open-source AI agent every day at dailybuild.xyz, 100+ builds spanning MCP... Read More →
Monday June 15, 2026 4:15pm - 4:40pm IST
Lotus 2
  Agent Architecture + Orchestration

4:15pm IST

Starling: Building a Pay-as-you-go MCP Server for Live Kubernetes Ops - Avinash Patil, Warble Cloud
Monday June 15, 2026 4:15pm - 4:40pm IST
Lotus 1
Most MCP demos stop at "hello world over stdio." Shipping a production MCP server means answering harder questions: How do you authenticate callers? How do you meter usage? How do you safely hand an LLM a live Kubernetes cluster without giving it the keys to prod?

This talk walks through Starling, a production MCP server that exposes 17 Kubernetes tools — from list_pods to scan_cluster — to Claude, Cursor, and VS Code. It runs live on GKE at ops-mcp.warblecloud.com, charges credits per tool call, and handles ephemeral kubeconfigs without ever persisting them.

We'll cover concrete design decisions: dual-transport architecture (stdio for desktop agents, HTTP for remote), a Firestore-backed credit ledger with atomic per-tool debits, mode-gated write tools (scale_deployment only when --mode=readwrite), and the security model for handing an LLM temporary cluster access.

Attendees leave with a working mental model for turning an MCP prototype into a billable, multi-tenant service — plus the exact auth, transport, and RBAC patterns they can lift into their own servers.
Speakers
avatar for Avinash Patil

Avinash Patil

Chief Flow Officer, Warble Cloud
Avinash Patil is the founder of warblecloud.com (Chirpstack LLP Entity ), building MCP-native Kubernetes tooling. He leads the Starling project, a production MCP server for cluster intelligence. Previously, he spent over 12 years leading cloud-native platform engineering at global... Read More →
Monday June 15, 2026 4:15pm - 4:40pm IST
Lotus 1
  MCP Protocol in Depth

4:15pm IST

Securing MCP Servers for the Enterprise: OAuth 2.0, Keycloak, and Spring Boot in Production - Vishal Singh, Quest2travel
Monday June 15, 2026 4:15pm - 4:40pm IST
Lotus 3
The MCP spec mandates OAuth 2.0 for HTTP-exposed servers, but most tutorials stop at "add a Bearer token." Enterprise deployments demand more: dynamic client registration, tool-level authorization, token introspection under load, and audit trails for compliance.

This session builds a production-grade MCP server with Spring Boot and the MCP Java SDK, secured by Keycloak. We cover: mapping OAuth scopes to MCP tool permissions, rate limiting per client credential with Bucket4j, wiring OpenTelemetry traces through the MCP request lifecycle, and handling edge cases at scale — token clock skew across distributed agents, graceful degradation when the IdP is unreachable, and preventing prompt injection from leaking privileged tool responses.

Attendees leave with a working architecture adaptable to any identity provider and a clear mental model of where MCP security ends and application security begins.

Breakdown: threat model (3 min), OAuth 2.0 + Keycloak layer (7 min), hardened Spring Boot server (8 min), edge cases from the field (5 min), architecture takeaway (2 min).
Speakers
avatar for Vishal Singh

Vishal Singh

Senior Software Developer, Quest2travel
Senior Software Developer at Quest2travel by MakeMyTrip, building Java/Spring Boot backend systems for B2B corporate travel at scale. Previously at Comviva (Tech Mahindra) on fintech platforms handling 3.5M+ API requests/day. Active open-source contributor to Keycloak (OIDC claim... Read More →
Monday June 15, 2026 4:15pm - 4:40pm IST
Lotus 3
  Security, Identity + Trust

4:40pm IST

What a Database Team Discovers Building an MCP Server - Sfurti Sarah, Yugabyte & Heather Downing, YugabyteDB
Monday June 15, 2026 4:40pm - 5:05pm IST
Lotus 1
Most MCP servers in production were built by AI teams. Meko's was built by a distributed SQL database team, and the view from this side of the stack is different.

Coming from storage, some decisions were obvious from day one. Memory, knowledge, conversation history, and structured data belong on one cluster, not four. Tenant isolation is a schema problem. The datapack, our per-agent namespace, fell out of the same instinct that builds any multi-tenant database.

Other decisions we only got right the second time. We started with a deployment model that gave every user their own MCP server, and pivoted to a shared fleet once we saw how real usage patterns played out. We shipped tools for capabilities that turned out to belong in skills. We learned where the language model needed a tight, opinionated surface and where it needed more room.

This talk is the story of what we brought to MCP from the database side, what we discovered once real agents started using it, and the pivots we made, including the ones still in flight.
Speakers
avatar for Sfurti Sarah

Sfurti Sarah

Senior Software Engineer, Yugabyte
Sfurti Sarah is a Senior Software Engineer at YugabyteDB working on Meko’s MCP server. Her work sits at the intersection of databases and LLMs, focusing on how these systems behave in real-world production environments.
avatar for HEATHER DOWNING

HEATHER DOWNING

Developer Advocate, YugabyteDB
Heather Downing is a Senior Developer Advocate at YugabyteDB and a Microsoft MVP focused on agentic AI, MCP, and secure software engineering.
7x MSFT MVP and fan of data in general.
Monday June 15, 2026 4:40pm - 5:05pm IST
Lotus 1
  Building with MCP

4:40pm IST

The AI-First Device Farm: Exposing Remote Hardware Infrastructure Via MCP - Kalyan Kolachala, SymphonyAI Group India & Vaishali Shetty, GetWell Network (SAI Group)
Monday June 15, 2026 4:40pm - 5:05pm IST
Lotus 2
For a geographically distributed Dev and QA team, accessing physical Set-Top Boxes for debugging is a constant bottleneck. By deploying Remote MCP, we transformed our physical STB testing lab into a shared, AI-accessible platform. This talk covers the infrastructure needed to host Remote MCP servers that interface with a fleet of physical devices. We will explore how developers can now use their local AI assistants (like Claude) to securely connect to, setup, and debug remote STBs as if they were sitting on their desks.
Speakers
avatar for Kalyan Kolachala

Kalyan Kolachala

Managing Director and Head of AI, SymphonyAI Group India
Kalyan is a senior engineering leader with experience in delivering world class, enterprise products and platforms involving SaaS, AI/ML, GenAI, Kubernetes, Cloud, and big data. He is currently India MD at SAI Group, a global enterprise AI leader. Worked previously at Intuit and Hitachi... Read More →
avatar for Vaishali Shetty

Vaishali Shetty

Architect - QA, Performance and Observability, GetWell Network (SAI Group)
Vaishali Shetty is a Principal Engineer at GetWell Network (SAI Group) and a Architect specializing in qa, performance, observability, and generative AI. She has held architect roles at Mycom and Hitachi Vantara, and leadership roles at Altisource Labs and Oracle. She designs testing... Read More →
Monday June 15, 2026 4:40pm - 5:05pm IST
Lotus 2
  Ecosystem, Registries + Platform Infrastructure

5:35pm IST

Beyond Tool Calls: Unlocking Interactive, Token-Smart Agents With MCP Apps - Suraj B, HDFC Bank
Monday June 15, 2026 5:35pm - 6:00pm IST
Lotus 1
MCP Apps are reshaping what a Model Context Protocol server can do — turning text-only tool exchanges into rich, interactive experiences embedded directly in the host. This session takes a builder's tour of the MCP Apps extension: core concepts, target use cases (dashboards, multi-step workflows, human-in-the-loop confirmations), the security model, and current limitations worth knowing before adoption.
A central theme is the visibility paradigm — letting UI carry state the model doesn't need to see, unlocking meaningful token savings on data-heavy flows. We'll cover iframe sandbox constraints, postMessage patterns, session-bound identity, and prompt-injection defenses for sensitive actions. We will also cover existing protocol limitations and work going on to address the same in exp-apps working group.
We close with a live Go-based demo executing a fund transfer flow end-to-end.
Speakers
avatar for Suraj B

Suraj B

Senior Software Engineer
Suraj is a contributor to the MCP Go SDK and member of the MCP Financial Services Interest Group. He is a Lead Backend and AI Engineer at HDFC Bank, building agentic AI platforms with a focus on MCP server architecture and token optimization. A Go developer with ~10 years of experience... Read More →
Monday June 15, 2026 5:35pm - 6:00pm IST
Lotus 1
  Building with MCP

5:35pm IST

Building Interactive Tools With MCP Elicitation - Ashwin Hariharan, Redis
Monday June 15, 2026 5:35pm - 6:00pm IST
Lotus 2
Most of us think of agent tools as vending machines - you put in the right input, you get the right output. Put in the wrong input, and you either get the wrong output or nothing at all.

This breaks for complex workflows where context is incomplete or intent is ambiguous. The tool either guesses wrong or fails outright. No back-and-forth, no clarification. Good AI tools built for conversation should explain what they need, what they'll do, and provide clear options.

In this session, we’ll look at how MCP elicitation works in practice across different workflows: covering ambiguous input, missing context, risky operations, and auth flows. Attendees will leave with concrete patterns for designing tools that go beyond transactional APIs to collaborative multi-turn interactions.
Speakers
avatar for Ashwin Hariharan

Ashwin Hariharan

Developer Advocate, Redis
Ashwin Hariharan is a Developer Advocate at Redis, with over eight years of experience as a full-stack software engineer. He's passionate about making complex ideas simple, helping developers build faster, more reliable systems, and understand the "why" behind the tools they use.
... Read More →
Monday June 15, 2026 5:35pm - 6:00pm IST
Lotus 2
  Building with MCP

5:35pm IST

Why Your MCP Server Needs Real Users — Implementing OAuth and Dynamic Client Registration for MCP - Tamil Vanan Karuppannan, Arcesium & Achanandhi M, EY
Monday June 15, 2026 5:35pm - 6:00pm IST
Lotus 3
ost MCP servers today ship with a simple setup: plug in an API key or a shared credential, and you're good to go. That works fine for a weekend hack, but the moment you bring MCP into an enterprise, things start to fall apart. You don't want MCP clients storing static usernames and passwords — that's a security incident waiting to happen. You can't tell who did what, you can't enforce fine-grained access control, and your security team is not going to be happy. What enterprises actually need is for users to authenticate through their existing SSO, get access to MCP servers based on who they are and what they're allowed to do, and have every action tied back to a real identity for audit and compliance.

In this talk, we use the OpenSearch MCP Server as a concrete example to show why this matters and what we can do about it. We'll walk through extending the server to support OAuth 2.0 Authorization Code Flow with PKCE and Dynamic Client Registration (DCR), following the MCP authorization spec.
Speakers
avatar for Tamil Vanan Karuppannan

Tamil Vanan Karuppannan

Principal Engineer, Arcesium
Tamil vanan is a cloud native Tech lead at Arcesium and a former Kubernetes SME at VMware. He is passionate about finding solutions to problems in the cloud native environment.

He works with cloud-native technologies like Kubernetes, multi-cloud and networking. He is a passionate supporter of open source and CNCF and actively participates in it... Read More →
avatar for Achanandhi M

Achanandhi M

Advanced Analyst, EY
Achanandhi is an open source advocate who enjoys exploring new technologies and loves building communities. He actively contributes to open source projects and frequently speaks at community events, sharing knowledge about cloud-native technologies and open source. He is passionate... Read More →
Monday June 15, 2026 5:35pm - 6:00pm IST
Lotus 3
  Security, Identity + Trust

6:00pm IST

Building an MCP Marketplace: Lessons in Discovery, Versioning, and Trust - Saurabh Mishra, Optum/UnitedHealthGroup
Monday June 15, 2026 6:00pm - 6:25pm IST
Lotus 1
This talk shares practical lessons from building a marketplace for MCP servers covering how to design a discovery layer that goes beyond a simple registry, handle versioning without breaking agent workflows, and establish trust signals (author verification, schema validation, sandboxed execution scores) that developers can actually rely on.
Attendees will walk away with concrete patterns for publishing and consuming MCP servers at scale, and an honest look at what breaks when you try to standardize a fast-moving ecosystem.
Speakers
avatar for Saurabh Mishra

Saurabh Mishra

Lead DevOps Engineer, Optum (UnitedHealthGroup)
Saurabh Mishra is a Cloud Evangelist and architect dedicated to high-level automation and DevOps excellence. He actively engages with the global tech community, sharing insights on cloud-native technologies, security best practices and multi-cloud strategies.As an experienced speaker and mentor... Read More →
Monday June 15, 2026 6:00pm - 6:25pm IST
Lotus 1
  Building with MCP

6:00pm IST

Stop the Wild Goose Chase: Enterprise Agents With Goose - Ram Iyengar, OpenSSF
Monday June 15, 2026 6:00pm - 6:25pm IST
Lotus 2
The promise of autonomous AI agents has sent engineering teams on a wild goose chase—juggling vendor lock-in, unpredictable costs, & security nightmares all for an agent to execute a simple workflow.

Stop chasing and start building!

Enter goose: the open-source, general-purpose framework, designed to run natively on your machine. It connects to any LLM. goose shifts the paradigm from fragile and remote to robust and local.

In this talk, we shall explore how to successfully architect and deploy goose within an enterprise environment. Chop through hype to demonstrate how goose leverages MCP to integrate with your choice of tools. More importantly, we will tackle the critical enterprise realities of deploying autonomous agents: establishing strict token budgets, implementing robust security guardrails to prevent destructive terminal commands, and building "Custom Distros" to standardize AI workflows across your entire engineering organization.

Automate mundane research, streamline CI/CD, or safely vibecode ― you will leave this session with a practical blueprint for making open-source agents work for your enterprise, thanks to goose.
Speakers
avatar for Ram Iyengar

Ram Iyengar

India Community lead, OpenSSF
Ram Iyengar is an engineer by practice and an educator at heart. He was (cf) pushed into technology evangelism along his journey as a developer and hasn’t looked back since! He enjoys helping engineering teams around the world discover new and creative ways to work. He is a proponent... Read More →
Monday June 15, 2026 6:00pm - 6:25pm IST
Lotus 2
  Enterprise Adoption + Integration

6:25pm IST

Who Do You Trust? Securing Multi-Agent MCP Systems in Healthcare - Yuvraj Pradhan, MIT ADT University & Archana Kumari, MIT ADT University
Monday June 15, 2026 6:25pm - 6:50pm IST
Lotus 3
An LLM caught my friend’s condition that doctors took two months to confirm. We asked: what happens when multiple specialised models review the same case together?

We built ConsensusMed on MCP. Each specialist model for a medical domain runs as an independent MCP server, and an orchestrator coordinates their outputs and decides what to trust when models disagree.

Multi-agent clinical systems face real attack surfaces:

- A malicious MCP server can exfiltrate OAuth tokens and impersonate legitimate users
- Prompt injection in clinical reports silently shifts outputs before consensus
- Tampered model weights corrupt findings with no OAuth scope catching it

So we built a trust layer directly into MCP:

- An MCP interceptor proxy redacts PHI using NER before any tool call reaches a specialist server
- The chairman verifies SHA-256 hashes of model weights against Ed25519-signed manifests before spawning
- Specialists run as stdio subprocesses. They never bind to a port. Network access is structurally impossible.

For regulated environments, we built an air-gapped MCP registry that operates entirely offline with cryptographic verification before execution.
Speakers
avatar for Yuvraj Pradhan

Yuvraj Pradhan

AI Systems Engineer, MIT-ADT UNIVERSITY
Yuvraj Pradhan is an AI Systems Engineer specialising in cost-efficient GenAI and secure multi-agent architectures. He is the first author of research published in Springer Nature on architecting a 125M-parameter NanoLLM for STEM tasks that outperforms significantly larger models... Read More →
avatar for Archana Kumari

Archana Kumari

Ai Systems Developer, MIT ADT University
Archana Kumari is an AI Systems Developer building practical machine learning systems and edge AI applications. Her work spans LLMs, computer vision on embedded devices, and full-stack tooling with Python and Java. She has developed multi-agent reasoning frameworks and voice-assisted... Read More →
Monday June 15, 2026 6:25pm - 6:50pm IST
Lotus 3
  Security, Identity + Trust
 
  • Filter By Date
    Jun 14 - 15, 2026
  • Filter By Venue
    Bengaluru, Karnataka, India
    All
    Lotus 1
    Lotus 2
    Lotus 3
    Lotus Concourse
  • Filter By Type
    Agent Architecture + Orchestration
    Building with MCP
    Ecosystem, Registries + Platform Infrastructure
    Enterprise Adoption + Integration
    Keynote
    MCP Protocol in Depth
    Meals + Breaks + Special Events
    Registration
    Security, Identity + Trust
  • Audience Experience Level
    Advanced
    Any
    Beginner
    Intermediate
  • Timezone

Get help with the event

Contact event planner Event login
View support guides Find upcoming events
Create an event you'd love to attend!
Explore why organizers choose Sched Success stories
Event App Event scheduling Event registration Event ticketing Sched forms Call for papers Badges Conferences
© 2026. SCHED LLC - All rights reserved - Helping events since 2008
Conference Scheduling App Privacy Terms
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Filtered by Date - 
Clear filter
Sunday, June 14
Monday, June 15
Lotus 1
Lotus 2
Lotus 3
Lotus Concourse
  • Agent Architecture + Orchestration
  • Building with MCP
  • Ecosystem, Registries + Platform Infrastructure
  • Enterprise Adoption + Integration
  • Keynote
  • MCP Protocol in Depth
  • Meals + Breaks + Special Events
  • Registration
  • Security, Identity + Trust
  • Audience Experience Level
  • Advanced
  • Any
  • Beginner
  • Intermediate