Loading…
June 14-15, 2026
Mumbai, India
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for MCP Dev Summit Mumbai to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration..

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
Company: Intermediate clear filter
Sunday, June 14
 

10:00am IST

Workshop: Building scalable, edge-native, production-grade MCP tools with RUST - Rajesh Sola, KPIT
Sunday June 14, 2026 10:00am - 11:00am IST
Lotus 3
The emergence of the Model Context Protocol is transforming how AI agents interact with tools, data, and real-world systems. However, most early MCP implementations rely on high-level runtimes that are not well-suited for embedded and resource-constrained edge environments. This session explores how RUST enables a new class of high-performance, memory-safe MCP servers designed specifically for Embedded Linux–powered edge devices.

In this tutorial, I'll walk through building a lightweight MCP server, bridging physical data sources into LLM-readable formats, enabling intelligent agents to reason over live edge data using Rust.

- Why MCP for Edge AI Systems?
- Why RUST?
- Building simple server using rmcp and testing with a client
- Bridging physical word e.g. Sensors, Telemetry, File Systems and structuring LLM-readable context, data pipelines
- High-performance Edge MCP Runtime - Async & Concurrency Models for scalable communication (MQTT, HTTP, gRPC etc.)
- Observability, tracing & Debugging
- Bring MCP in Agent loop, Using Rig for orchestration
- Deploying to target board, cross compilation steps
- Case Study: Building an Edge MCP Agent, e.g. Telemetry and Diagnostics
Speakers
avatar for Rajesh Sola

Rajesh Sola

Education Architect, KPIT Technologies Ltd
Rajesh is working as a Deputy Director at GITAM University's Centre for Academic Innovation and Advancement (CAIA). He is currently responsible for orienting Faculty and providing technical solutions to meet the industry expectations.

He has 20 years of experience with core focus on Embedded Systems, Linux, IOT, Open-Source solutions. He is the guest author for Open Source for You Magazine and renown speaker for many embedded, open-source conferences. He loves teaching, Linux & open source... Read More →
Sunday June 14, 2026 10:00am - 11:00am IST
Lotus 3
  Building with MCP

10:00am IST

Workshop: Enabling MCP at Enterprise Scale: Navigating Authentication and Governance Challenges - Shannon Williams & Chris Urwin, Obot AI
Sunday June 14, 2026 10:00am - 11:00am IST
Lotus 2
**Space Limited - First Come, First Served.  Please bring a fully charged laptop to the workshop**

Enterprise adoption of the Model Context Protocol is accelerating — but the path from "MCP works on my laptop" to "MCP running securely across our organization" is windy and challenging.
Building MCP servers isn't particularly hard. The real challenges are OAuth, identity sprawl, and the governance requirements your security team will eventually land on your desk.
MCP servers should focus on tools, resources, and prompts — not rebuilding OAuth infrastructure from scratch every time. A dedicated identity and governance control plane absorbs that complexity once, rather than forcing every server to solve it independently.
In this workshop, we will:
1. Demonstrate how to integrated MCP servers with identity management tools
2. Show how to tailor MCP authorization by groups and policies.
3. Work through real governance scenarios by filtering MCP calls for PII or code injection.
4. Demonstrate how MCP traffic can be captured via an MCP gateway and used for compliance, monitoring and observability.

You'll leave with a clear picture of the architectural decisions ahead of you, and a better sense of what your security team is going to ask for before they sign off on scaling MCP adoption.
Speakers
avatar for Chris Urwin

Chris Urwin

VP of Field Engineering, Obot AI
Chris Urwin is VP of Field Engineering at Obot AI and a veteran engineering leader. With deep hands-on experience in cloud‑native platforms, Kubernetes, containers, CI/CD, and developer tooling, he builds and scales global technical teams. Chris bridges product, engineering, and... Read More →
avatar for Shannon Williams

Shannon Williams

President, Obot AI
I am the President and co-founder of Obot AI, and have been building open source software for the last 20 years. Prior to starting Obot, I co-founded Cloud.com (creator of CloudStack) and Rancher Labs (creator of Rancher, k3s, Longhorn, etc). I was a board member of the CNCF for 4... Read More →
Sunday June 14, 2026 10:00am - 11:00am IST
Lotus 2
  Enterprise Adoption + Integration

3:20pm IST

Building Rich AI-Native UI for Agentic Interactions Using MCP Apps - Ashita Prasad, AWS
Sunday June 14, 2026 3:20pm - 3:45pm IST
Lotus 1
AI Agents are getting smarter with each passing day. But, their interfaces? Not so much.

But, what if there is a way to turn the AI chat from a place where you converse into a place where you can actually work?

MCP Apps offer a solution to go beyond the text and standardize how MCP servers can deliver rich, bidirectional UI components like dashboards, forms, interactive visualizations & more. These components are rendered securely and natively within AI hosts, enabling agents to interact with users via rich interactive interfaces.

In this session, attendees will learn:
- Core architectural patterns from real MCP Apps development
- How to handle sandboxed host–server communication, manage state synchronization, stream real-time updates, handle async tasks, & add multiplayer collaboration
- How to leverage context and persist memory across conversations
- How to avoid some common pitfalls and utilize debugging workflows and tools
- How to add authentication & deploy a remote MCP Server providing MCP Apps

We will walk through a complete, production-style Sales Analytics MCP Apps and perform a code deep-dive to showcase the effective foundational patterns while building MCP Apps.
Speakers
avatar for Ashita Prasad

Ashita Prasad

SDE / Developer Advocate, AWS
Ashita works as a developer advocate at AWS with a strong focus on frontend and AI technologies. With 10+ years of experience in full stack development, she is passionate about building impactful products and equally loves empowering & engaging with fellow developers in the commu... Read More →
Sunday June 14, 2026 3:20pm - 3:45pm IST
Lotus 1
  Building with MCP

3:20pm IST

Who's Calling? Bringing Identity To the MCP Host - Ayesha Dissanayaka, WSO2
Sunday June 14, 2026 3:20pm - 3:45pm IST
Lotus 3
The MCP authorization spec gives us a clean OAuth 2.1 story between clients and servers. What it leaves out of scope is the host itself, the AI agent orchestrating the conversation. That's where enterprise deployments quietly break.

An MCP host is not a passive pipe. It accepts requests from users, services, and peer agents, reasons with LLMs, and invokes tools across many servers. Every edge is an identity boundary. Without a first-class host identity, no stable credentials, no verifiable delegation, no independent audit trail, every downstream decision inherits that ambiguity. Who made this tool call? The user? The agent on their behalf? The agent autonomously? Most deployments cannot answer, so they cannot enforce least privilege or satisfy audit.

This talk treats the MCP host as a first-class identity through four disciplines: Administer (lifecycle, credentials), Authenticate (how a host proves itself), Authorize (delegation vs. impersonation, token exchange, actor claims), and Audit (trails that separate agent action from user intent). For each, we'll show what the spec covers, where the gap sits, and which extensions and emerging patterns are converging to close it.
Speakers
avatar for Ayesha Dissanayaka

Ayesha Dissanayaka

Associate Director / Architect, WSO2
Ayesha is Lead Architect for Identity and Access Management for Agentic AI at WSO2, specializing in securing autonomous AI systems. With over a decade in enterprise IAM, she architects identity solutions for AI agents, bridging traditional frameworks with emerging AI security needs... Read More →
Sunday June 14, 2026 3:20pm - 3:45pm IST
Lotus 3
  Security, Identity + Trust

3:45pm IST

Agentless Agents: Replacing Sidecar Observability With eBPF + MCP Tool Chains - Harini Anand, IBM
Sunday June 14, 2026 3:45pm - 4:10pm IST
Lotus 2
The dominant observability pattern for AI agents today is layered agents: sidecars, daemon sets, exporters. Each adds blast radius.

This talk proposes flipping the model, using eBPF for zero-agent kernel telemetry, exposing it via MCP, and letting the LLM itself do the orchestration across tool calls.

I'll demo a concrete multi-tool MCP interaction: an LLM receives "why is this service slow?", autonomously calls get_recent_process_execs, correlates with get_active_connections, and follows up with get_high_syscall_latency, forming a causal chain from kernel truth to natural language diagnosis. No pre-scripted runbook. No human in the loop.

The talk goes deep on failure modes specific to this architecture: tool-call loops triggered by ambiguous latency signals, hallucination risk when eBPF data is sparse, and retry/fallback strategies when kernel probes detach under load.

We'll also cover how to design MCP tool responses that constrain LLM reasoning toward actionable conclusions, not just open-ended exploration.

Attendees leave understanding how to architect kernel-aware agentic systems that are genuinely production-safe.
Speakers
avatar for Harini Anand

Harini Anand

SDE in Data & AI, IBM
SDE at IBM Data & AI, working on IBM watsonx™. Software Engineering Researcher at UIUC. Computational Cognition Researcher at Georgia Institute of Technology. Biomedical XAI Researcher at Dartmouth College.
Formerly at Niramai & IIT Hyderabad, researching ML for breast cancer and gene regulatory networks. Built cognitive tools for dementia prevention as a student entrepreneur. Google KaggleX Mentee, AWS Scholar, Harvard WE Tech Fellow, Oxford & MIT Summer School alumna and a Stanford... Read More →
Sunday June 14, 2026 3:45pm - 4:10pm IST
Lotus 2
  Agent Architecture + Orchestration

3:45pm IST

Building an Enterprise MCP Registry: Secure Discovery, Governance, and Reuse at Scale - Kushagra Mittal, Motorola Solutions & Dhruv Agarwal, Motorrola Solutions
Sunday June 14, 2026 3:45pm - 4:10pm IST
Lotus 3
As enterprises scale AI operations to support hundreds of agents and thousands of users, they inevitably hit an architectural wall. The friction points fall into three categories: visibility, control, and reuse. Teams struggle to discover existing agents and MCP servers across a large organization, platform teams need to govern publication and enforce security, and siloed groups waste time rebuilding capabilities that already exist. Without a centralized registry, agent sprawl grows, compliance risk increases, and critical knowledge stays trapped in local teams. In this session, we will share how the Motorola Solutions Platform Engineering team addressed this bottleneck by building a shared discovery and governance layer for internal AI resources. We will unpack the patterns behind our internal MCP catalog, including agent and prompt versioning, team-based visibility controls, approval workflows, and automated security scanning before resources are broadly shared. We focus on what broke early, and what won trust first. Attendees will leave with a practical, vendor-agnostic blueprint for making MCP resources easier to discover, safer to publish, and more reusable at enterprise scale
Speakers
avatar for Kushagra Mittal

Kushagra Mittal

Software Engineer, Motorola Solutions
Passionate software engineer based in Bangalore, India. Currently a part of team where we lead the effort in AI R&D for the organization.
avatar for Dhruv Agarwal

Dhruv Agarwal

Software Engineer, Motorrola Solutions
Innovative Software Engineer at Motorola Solutions R&D, focused on the future of AI and digital authenticity. Expertly navigating the frontier of MCP, A2A, and C2PA to deliver secure, scalable, and durable software at industry-leading speeds. REVA University Alumnus (9.03 CGPA) with... Read More →
Sunday June 14, 2026 3:45pm - 4:10pm IST
Lotus 3
  Ecosystem, Registries + Platform Infrastructure

3:45pm IST

The MCP Trust Gap: I Tested 65 MCP Servers Across 4 Directories — Here's What Nobody Measures - Manav Agarwal, AgentProof
Sunday June 14, 2026 3:45pm - 4:10pm IST
Lotus 1
56,000+ MCP servers are listed across mcp.so, Smithery, Glama, and PulseMCP. But how do you know which ones actually work?

I independently mapped 4 major MCP directories and tested 65+ servers across Research, Code, and Finance categories. The results expose a critical trust gap.

Each directory measures something different — none measure what matters most:
- mcp.so (19.5K servers): Zero quality signals
- Smithery (4.4K): Tracks uptime, not output quality
- Glama (21K): Grades code quality, not correctness
- PulseMCP (11K): Tracks popularity only

Key findings I'll share:

1. Quality collapse at scale — Developer Tools has 8,800 servers but only ~12 are consistently good (0.1% quality rate)

2. The Finance/Payments desert — 74 Finance servers out of 19,557 (0.4%). Fewer than 8 support agent-to-agent payments across 14 protocols I analyzed

3. A practical framework for MCP server trust — beyond code grades to actual output quality assessment

This is independent research, not a product pitch. Full dataset and methodology shared openly.

Attendees leave with the first cross-directory quality analysis of the MCP ecosystem and a framework for evaluating servers.
Speakers
avatar for Manav Agarwal

Manav Agarwal

Founder & Independent Researcher, AgentProof
Creator of AgentProof, an independent benchmarking and trust analysis project for AI agents. Mapped 10 agent directories containing 1.24M+ listings, deep-dived 3 agent categories, and health-checked 65+ MCP servers. Previously analyzed 14 agentic payment protocols (x402, Stripe ACP... Read More →
Sunday June 14, 2026 3:45pm - 4:10pm IST
Lotus 1
  Security, Identity + Trust

4:10pm IST

The Handoff Hallucination: Why Agents Skip Steps and How To Catch It - Ujjwal Kumar Singh, Skeps
Sunday June 14, 2026 4:10pm - 4:35pm IST
Lotus 2
In multi-step agent workflows, correctness isn't just about what the system returns, it's about how it got there.
An agent can claim "approval verified" without actually calling the approval service. The response looks valid, logs appear complete, and schema checks pass yet a critical step was skipped. This is process hallucination.
In financial and compliance workflows, skipping a required step isn't a bug, it's a violation.
Current testing approaches focus on outputs, not execution paths. As a result, these failures remain invisible until they cause real damage.
This talk introduces a Step Verification Layer, a deterministic check that validates whether required actions were actually executed, not just claimed.
By defining allowed sequences of actions and verifying execution against them, teams can detect skipped steps, invalid transitions, and silent process failures before they reach production.
A valid execution trace is not the same as a correct one. This talk is about verifying the difference.
Speakers
avatar for Ujjwal Kumar Singh

Ujjwal Kumar Singh

Software Development Engineer in Test, Skeps
Ujjwal Kumar Singh is a Software Tester who focuses on exploring software quality beyond traditional test cases and automation. His work centers on understanding how testing practices interact with engineering workflows, contributor collaboration, and project governance. He is particularly... Read More →
Sunday June 14, 2026 4:10pm - 4:35pm IST
Lotus 2
  Agent Architecture + Orchestration

4:10pm IST

OAuth Isn't Enough: Confused Deputy in Multi-Agent MCP Pipeline - Sankalp Sandeep Paranjpe, Big4 Consulting Firm; Vishal Alhat, AWS
Sunday June 14, 2026 4:10pm - 4:35pm IST
Lotus 1
OAuth-based authentication is becoming the default foundation for MCP-enabled systems. However, while authentication is standardized, authorization across agent boundaries remains unresolved.

In multi-agent MCP pipelines, orchestrators delegate tasks to sub-agents that act using the user’s authority. This creates a classic confused deputy problem: a sub-agent executes with valid credentials, but under the influence of untrusted inputs such as prompt injections or malicious tool manifests. As a result, it can access or exfiltrate data beyond the user’s original intent.

This talk demonstrates how privilege propagation, not authentication failure, is the core risk.

I will present a three-layer enforcement model:

1) Token attenuation using RFC 8693 to restrict sub-agent privileges at delegation time
2) Policy enforcement using Open Policy Agent to treat every tool call as untrusted input
3) Structured audit trails to ensure post-incident analysis

Live demo: the same MCP pipeline executed twice, first with default delegation (resulting in silent data exfiltration via prompt injection), and then with all three controls applied, where the attack is blocked, logged, and auditable.
Speakers
avatar for Vishal Alhat

Vishal Alhat

Developer Advocate, AWS

Vishal Alhat is a Developer Advocate at Amazon Web Services (AWS) and a former AWS Hero, recognized for his significant contributions to the AWS community. With 11+ years of experience in cloud technologies, Vishal specializes in DevOps, cloud security, and AI/ML.As an active community... Read More →
avatar for Sankalp Sandeep Paranjpe

Sankalp Sandeep Paranjpe

Cloud Security Consultant, '-
Sankalp Sandeep Paranjpe is a DevSecOps Engineer and cloud security practitioner. He speaks at community and security events on practical DevSecOps and Kubernetes security topics. He volunteers with AWS User Group Pune and contributes to the cloud-native community through talks, workshops... Read More →
Sunday June 14, 2026 4:10pm - 4:35pm IST
Lotus 1
  Security, Identity + Trust

4:10pm IST

Operationalizing MCP: Security, Control Planes, and Risk Governance - Sagar Dashora, JPMorgan Chase & Co
Sunday June 14, 2026 4:10pm - 4:35pm IST
Lotus 3
As the Model Context Protocol (MCP) emerges as a standard interface for connecting models, agents, and tools, organizations are exploring MCP servers while also evaluating the operational and security implications of adopting them at scale. This session proposes the solutions and guardrails to address the common security issues such as lethal trifecta, tool poisoning and access misuse.

The talk will outline how MCP registry, control planes, secure gateways and trust boundaries a work together to enable risk governance, security, and operational reliability across agent and MCP ecosystems.

While examples may reference specific approaches, the session remains implementation-neutral and focuses on how these controls collectively establish a safe and scalable MCP environment. Attendees will gain a holistic understanding of how layered controls can address the security concerns and operational risks associated with MCP servers, helping organizations move toward trusted, scalable MCP ecosystems.
Speakers
avatar for Sagar Dashora

Sagar Dashora

Senior Vice President, JPMorgan Chase & Co
Technology lead with 17yrs experience in large enterprise-grade software applications, specializing in financial services domain. Design architect and lead for developing firmwide MCP and Agentic frameworks in JPMorgan Chase. Active contributor to the Agentic AI Foundation(AAIF) working... Read More →
Sunday June 14, 2026 4:10pm - 4:35pm IST
Lotus 3
  Security, Identity + Trust

5:15pm IST

The State Sidecar: Solving the MCP Stateless Paradox - Joval Kuruvila, Caze Labs Private Limited & Advaith Sanil Kumar, Caze Labs
Sunday June 14, 2026 5:15pm - 5:40pm IST
Lotus 1
There is a fundamental contradiction at the heart of production deployments for the Model Context Protocol (MCP). Conceptually, MCP sessions are stateful: they establish connections, negotiate capabilities, and persist context. However, modern deployment environments—like Kubernetes horizontal scaling, serverless functions, and AWS Bedrock AgentCore—are inherently stateless.

The current ecosystem advice is simply to "externalize your state," but there is no standardized infrastructure for doing this natively within MCP. Developers are forced to build ad hoc memory management using custom Redis wrappers or brittle in-memory dictionaries.

This session introduces the State Sidecar pattern: a dedicated MCP server whose sole responsibility is to store, manage, and retrieve agent workflow state. Instead of building custom database connectors, any agent can call the sidecar via standard MCP tool calls to persist intermediate results, track task progress, and maintain context summaries.
Speakers
avatar for Joval Kuruvila

Joval Kuruvila

Software Engineer, Caze Labs Private Limited
Joval Kuruvila is a Bengaluru-based AI/LLM Engineer with 2 years of experience building production-grade GenAI systems. Currently at Caze Labs Pvt Ltd, he specializes in agentic workflows (LangGraph), RAG pipelines, and real-time conversational AI. A B.Tech graduate, open-source contributor... Read More →
avatar for Advaith Sanil Kumar

Advaith Sanil Kumar

AI Intern, Caze Labs | Student, PES University and IIT-Madras, Caze Labs Private Limited
Advaith Sanil Kumar is an AI researcher and developer focused on building intelligent, context-aware systems. Currently an AI Intern at Caze Labs and contributor to open-source MCP ecosystem efforts under the Linux Foundation, he works on LLM testbeds, agentic systems, and prompt... Read More →
Sunday June 14, 2026 5:15pm - 5:40pm IST
Lotus 1
  Agent Architecture + Orchestration

5:15pm IST

Scaling AI: gRPC as Transport Backbone for Enterprise MCP - Pawan Bhardwaj, Google
Sunday June 14, 2026 5:15pm - 5:40pm IST
Lotus 2
The Model Context Protocol (MCP) is rapidly becoming the standard for connecting LLMs to data sources and tools. However, as organizations move from local experimentation to global production, the default JSON-RPC over HTTP transport hits a "scale ceiling."

gRPC is already establish as a go to library for transport for enterprise services as it provide high throughput and better performance using protobuf and HTTP/2. gRPC has Service Mesh Integration, Observability, Enterprise security and many more features, which can be leveraged by the MCP Server and Clients.

This session show case a demo of using MCP with gRPC transport.
Speakers
avatar for Pawan Bhardwaj

Pawan Bhardwaj

Senior Software Engineer, Google
As a senior software engineer specializing in gRPC within Google's open source team, my focus lies in enhancing the performance and usability of networking systems for applications. My previous experience includes working with Cumulus Linux and Cisco NxOS on network forwarding pl... Read More →
Sunday June 14, 2026 5:15pm - 5:40pm IST
Lotus 2
  MCP Protocol in Depth

5:40pm IST

Orchestrating Agent Swarms With MCP, Sandboxing and Shared Filesystems - Vikram Vaswani, Developer Advocate
Sunday June 14, 2026 5:40pm - 6:05pm IST
Lotus 3
Single agents calling MCP tools is a solved problem. Multi-agent swarms, where several agents coordinate on the same task, isn't.

The moment you go from one agent to three, you hit a set of problems that MCP itself doesn't solve and that most orchestration frameworks only paper over: how do agents share state without drowning each other in JSON, how do you isolate their execution when they're all touching the same files, and how does one agent pick up where another left off?

This talk walks through those three problems using a concrete example: a code review swarm. Three specialized reviewer agents (style, security, test coverage) work on the same PR in parallel. A fourth, a developer agent, reads their findings and applies the fixes. Each agent runs in its own isolated sandbox. They collaborate through a shared filesystem rather than by passing context in prompts.

This is a technical deep dive covering:
- why traditional file storage mechanisms are not optimized for agentic workloads
- why shared workspaces are better than passing state through prompts or RAG lookups
- why isolation boundaries are important when agents execute code

Includes live demo of swarm.
Speakers
avatar for Vikram Vaswani

Vikram Vaswani

Developer Advocate, Self Employed - Consultant
Vikram Vaswani is a developer advocate, open source consultant, and technical author with 20+ years of experience helping teams adopt and scale open source technologies. He is the author of seven books published by McGraw-Hill and Pearson, with translations in multiple languages... Read More →
Sunday June 14, 2026 5:40pm - 6:05pm IST
Lotus 3
  Agent Architecture + Orchestration

5:40pm IST

Building Autonomous Mobile Agents With MCP - Srinivasan Sekar & Sai Krishna, TestMu AI
Sunday June 14, 2026 5:40pm - 6:05pm IST
Lotus 1
Most developers encounter MCP as a way to give chat assistants better tools. This talk blows that ceiling off.
Using two open-source projects, Appium MCP and AppClaw, we'll show how MCP becomes the backbone of a fully autonomous agent that controls real Android and iOS devices without a human in the loop. The agent perceives a live UI tree, reasons about what to do next, calls MCP tools to act, observes the result, and loops handling stuck states, recovering from failures, and decomposing multi-app goals on its own.
We'll go deep on the architecture decisions that make this work in production: how dynamic tool discovery lets the agent adapt to new capabilities at runtime without code changes; how parsing raw UiAutomator2/XCUITest XML into compact representations makes mobile UI fit inside an LLM context window; why dual vision (DOM-first with screenshot fallback) beats either strategy alone; and how stuck detection transforms a fragile demo into a reliable engineering tool.
Attendees will leave with a concrete mental model for building agentic systems on MCP and an understanding of why the protocol matters far beyond tool-calling alone.
https://github.com/appium/appium-mcp
Speakers
avatar for Srinivasan Sekar

Srinivasan Sekar

Director of Engineering, TestMu AI
Srinivasan Sekar is the Director of Engineering at TestMu AI (formerly LambdaTest). He is the author of "The MCP Standard" and has a strong passion for contributing to open source projects. As an Appium Member, he has contributed to several open-source repositories, including Selenium... Read More →
avatar for Sai Krishna

Sai Krishna

Director of Engineering, TestMu AI
I am a Director of Engineering at LambdaTest with a decade of experience in testing mobile applications and building automation frameworks. As an active contributor to Appium and a member of the Appium organization, I am deeply involved in the open-source community. I am passionate... Read More →
Sunday June 14, 2026 5:40pm - 6:05pm IST
Lotus 1
  Building with MCP

5:40pm IST

Rethinking Agent–Database Access: A Secure Approach With MCP Toolbox - Shivay Lamba, Qualcomm & Anushka Saxena, Google
Sunday June 14, 2026 5:40pm - 6:05pm IST
Lotus 2
Securely database connections in MCP based Agentic applications has become a critical challenge. Traditional approaches for connectivity introduce risks such as prompt injection, over-permissioned access, and lack of observability.

This talk introduces the Model Context Protocol (MCP) Toolbox for Databases, an open-source framework that standardizes how AI agents interact with data systems. By treating database access as a structured, reusable, and secure set of tools, developers can enable agents to perform meaningful operations while maintaining strict control over data exposure. Toolbox secures your agentic workflows for resources or tool executions
by acting as an OAuth 2.1 Resource Server that validates JWT Bearer tokens from your OIDC provider.

Through a real-world case study, we will demonstrate how to build an intelligent agent that combines semantic vector search with transactional workflows like inventory updates and cart management, all powered through a unified MCP configuration.

So join us to learn how MCP enables scalable, high-performance agentic architectures using efficient connection pooling, without compromising on security, observability, or control.
Speakers
avatar for Shivay Lamba

Shivay Lamba

Senior ML Engineer, Qualcomm
Shivay Lamba is a software developer specializing in DevOps, Machine Learning and Full Stack Development.

He is an Open Source Enthusiast and has been part of various programs like Google Code In and Google Summer of Code as a Mentor and is currently a MLH Fellow. He has also worked at organizations like Amazon, EY, Genpact. He is a Tensorflow.JS SIG member and community lead from In... Read More →
avatar for Anushka Saxena

Anushka Saxena

Software Application Development Apprentice, Google
I'm a passionate advocate for cloud-native technologies and an active contributor to the CNCF community. Currently I'm working as a Software Application Development Appprentice at Google (GCP Databases, MCP Toolbox) and I'm a LFX mentee in the CloudNativePG project. I was a participant... Read More →
Sunday June 14, 2026 5:40pm - 6:05pm IST
Lotus 2
  Enterprise Adoption + Integration

6:05pm IST

Zero-Trust Execution: Sandboxing MCP Data Agents With WebAssembly - Shuva Jyoti Kar, Palo Alto Networks
Sunday June 14, 2026 6:05pm - 6:30pm IST
Lotus 3
The Model Context Protocol (MCP) standardizes context retrieval and tool execution, but granting LLMs access to dynamic execution environments introduces critical runtime vulnerabilities. Traditional containerization (e.g., Docker/containerd) introduces unacceptable latency overhead for sub-second agentic loops, while static IAM/RBAC models fundamentally fail to constrain non-deterministic generated code.

This technical session details the architectural implementation of embedding a WebAssembly (WASM) runtime within an MCP server to enforce a strict, capability-based execution boundary. We will deconstruct how to compile MCP tools to WASM modules and utilize the WebAssembly System Interface (WASI) to ensure that any logic invoked by an LLM is isolated from the host operating system.
Speakers
avatar for SHUVA JYOTI KAR

SHUVA JYOTI KAR

Senior Principal Engineer, Palo Alto Networks
Shuva is a Senior Principal Engineer at Palo Alto Networks architecting secure enterprise AI platforms. He is authoring two upcoming books: Engineering the Data Agent Control Plane (O'Reilly) and Agent Skills in Action (Manning). An open-source contributor and former OpenDaylight... Read More →
Sunday June 14, 2026 6:05pm - 6:30pm IST
Lotus 3
  Security, Identity + Trust
 
Monday, June 15
 

11:30am IST

The Invincible MCP Server: Building Crash-Proof AI Tools With Durable Execution - Shubham Londhe, Temporal
Monday June 15, 2026 11:30am - 11:55am IST
Lotus 3
We All have been building AI Agents with MCP since it launched in 2024, but there's one thing no one is talking about - "What happens when MCP Fails? (and they fail often). MCP is just a process and it can crash, and so will the AI agent progress, it all can vanish with a crash.

Well, the new Tasks primitive in MCP (SEP-1686) helps a lot, it gives your AI agents a way to hand off long-running tools, but it doesn't solve the real problem. They don't maintain the state when the server crashes.

In this session, I'll do a live demo of a Kubernetes Auto Healing AI Agent with MCP server and walk through how to wrap MCP tool logic in workflows that survive crashes, restarts, and network failures.
I'll cover how to handle human-in-the-loop approvals inside long-running tools, how to retries and state-management, and how to observe what your MCP tools are doing in production.

I'll be breaking a running server on stage and show you the agent recovering without losing a step. Hence "The Invincible MCP Server"
Speakers
avatar for Shubham Londhe

Shubham Londhe

Senior Developer Advocate, Temporal
Hello Dosto, I am Shubham Londhe, a Senior Developer Advocate, passionate about developing and deploying production-ready applications.

Its been more than 9+ years in the IT industry and having worked with AWS, Temporal, gave me a lens of how Production-readiness works.

I take this experience and share it with learners across India through my YouTube channel "TrainWithShubham" with over 175000 subscribers. Happy Learning... Read More →
Monday June 15, 2026 11:30am - 11:55am IST
Lotus 3
  Building with MCP

11:30am IST

Why Most MCP Tools Fail Silently, and How To Measure It - Om Shree, Shreesozo
Monday June 15, 2026 11:30am - 11:55am IST
Lotus 2
Most MCP servers don't break because of bugs. They break because the tool descriptions are too vague for agents to reliably pick the right tool.
Two research papers put numbers to this. A SAIL Research study of 856 tools across 103 MCP servers found 97% have at least one quality defect, 56% don't clearly state what the tool does, 89% give no guidance on when not to use it. A second study of 10,831 servers found that well-written descriptions get selected 260% more often, and fixing them raises task success rates by roughly 6 points.
Working with the Glama founder, I helped develop the Tool Definition Quality Score (TDQS) - an open source framework that scores every MCP tool across six dimensions: Purpose Clarity, Usage Guidelines, Behavioral Transparency, Parameter Semantics, Conciseness, and Contextual Completeness. Each tool gets a 1–5 per dimension with specific feedback on what's missing and why it matters.
This talk covers how TDQS was built, what scoring thousands of real servers revealed, and how server authors can use it to ship tools agents actually invoke correctly. The framework is open source and already live across Glama-hosted servers.
Speakers
avatar for Om Shree

Om Shree

Founder, MCP Consultant & Content Strategist, Shreesozo
I'm the founder of Shreesozo, an AI content studio focused on MCP and agentic AI. I've written 100+ technical pieces for Glama.ai and Gentoro, covering everything from protocol internals to real-world agent deployments. I run MCP Weekly, published on YouTube (1.2K subscribers) and... Read More →
Monday June 15, 2026 11:30am - 11:55am IST
Lotus 2
  MCP Protocol in Depth

11:55am IST

From Shadow MCP To Sanctioned MCP: Building an Enterprise Agent Governance Program - Navin Pai, StackGen & Archana Rajkumar, SentinelOne
Monday June 15, 2026 11:55am - 12:20pm IST
Lotus 3
MCP has become the de-facto "standard" for exposing the external environment to agents, but security has always been a trailing concern, making a lot of platform teams sweat under the collar. Policy checks and tool-call authentication were tacked on quickly, but are quickly being seen are necessary but not sufficient. This session zooms out from single-agent enforcement to the operational challenge security and platform teams actually face in 2026: dozens of agents, hundreds of MCP server connections, multiple clouds, rogue tool registrations, and no centralized visibility into what's running.

This session presents a multi-stage maturity model for enterprise MCP governance, to help take practitioners from "we have no idea what's running" to "every tool call is governed, audited, and compliant with internal policies", and shows how to build the program incrementally, without boiling the ocean in the process and slowing down developer velocity.
Speakers
avatar for Navin Pai

Navin Pai

Director of Engineering, StackGen
Navin is a Founding Engineer at OpsVerse. You'll often find him on the internet, getting into flamewars about observability, large scale system design, and open source software
avatar for Archana Rajkumar

Archana Rajkumar

Staff Software Engineer, SentinelOne
I am a Staff Software Engineer at SentinenOne, and enjoy working at the intersection of AI, CyberSecurity and DevOps
Monday June 15, 2026 11:55am - 12:20pm IST
Lotus 3
  Security, Identity + Trust

12:20pm IST

Beyond 1:1 Mapping: Designing MCP for Real Enterprise Systems - Naresh Waswani, Simpplr Inc. & Jyoti Notani, Persistent Systems Ltd
Monday June 15, 2026 12:20pm - 12:45pm IST
Lotus 2
Many organizations exploring MCP already operate large microservice ecosystems. A common first instinct is to mirror that architecture directly—one microservice becomes one MCP server, and each API becomes a tool. While simple in theory, this often creates too many servers, overlapping tools, poor discoverability, and unnecessary operational complexity.

This session explores how to design MCP boundaries for real enterprise environments instead of copying existing service boundaries. I’ll walk through practical patterns for grouping capabilities, aggregating multiple services behind task-oriented tools, and exposing interfaces optimized for agents rather than internal architecture diagrams.

We’ll also cover how different agents can safely consume shared MCP services, along with key considerations such as ownership, versioning, permissions, observability, and scaling MCP across many teams.

A short demo will show how a well-designed MCP layer can simplify complex multi-service workflows.

If your organization already has dozens or hundreds of services, this session will help you adopt MCP intentionally - without repeating old patterns in a new protocol.
Speakers
avatar for Naresh Waswani

Naresh Waswani

Senior Architect, Simpplr Inc.
Hands-on architect specializing in resilient distributed systems, microservices, event-driven architecture, and cloud-native modernization. AWS User Group Nagpur Leader and 6+ year AWS Community Builder, active in speaking, mentoring, and community building. My recent focus is Generative... Read More →
avatar for Jyoti Notani

Jyoti Notani

Architect, Persistent Systems Ltd
Seasoned professional with experience on working with Microservices,Devops and SRE
Monday June 15, 2026 12:20pm - 12:45pm IST
Lotus 2
  Enterprise Adoption + Integration

12:20pm IST

Your AI Chatbot Just Exposed Your CEO’s Salary To an Intern: Securing Enterprise AI Agents - Hasini Samarathunga & Sahan Dilshan, WSO2
Monday June 15, 2026 12:20pm - 12:45pm IST
Lotus 3
Have you ever worried that your new AI Agent might be a little too helpful? Imagine an intern asking an HR chatbot, "What is the CEO's salary?" and the bot, designed to be helpful, promptly fetches it.

As we equip LLMs with tools via the MCP to query internal systems, we introduce a significant data privacy risk if the agent cannot distinguish who is making the request.

In this session, we’ll explore the critical intersection of IAM and AI agents. You’ll see how to implement fine-grained access control and “on-behalf-of” user execution in MCP servers. By securely propagating user context, an agent ensures that when the CEO queries salary data, the data is delivered, but when an intern makes the same request, the system restricts it.

We’ll also dive into the “Human-in-the-Loop” (HITL) pattern, a safeguard that pauses high-risk actions for explicit human approval. You’ll learn how to design secure-by-default MCP architectures using standard authentication flows, zero-trust permissioning, and HITL workflows to keep your AI agents aligned, controlled, and trustworthy.
Speakers
avatar for Hasini Samarathunga

Hasini Samarathunga

Senior Software Engineer, WSO2
Hasini Samarathunga is a Senior Software Engineer at WSO2, with 3+ years of experience specializing in IAM and B2B domains. She is currently working on building B2B capabilities for MCP servers and introducing Agent-as-a-Service within WSO2 Identity Server.

She believes great tech talks should cut through the buzzwords and make complex ideas accessible, ensuring everyone, regardless of experience level, can walk away having learned something useful... Read More →
avatar for Sahan Dilshan

Sahan Dilshan

Associate Tech Lead, WSO2
Sahan Dilshan is an Associate Tech Lead at WSO2, where he has spent the past five years designing and building identity and access management features. His current focus sits at the intersection of two complementary areas: IAM for AI securing agentic systems with proper identity... Read More →
Monday June 15, 2026 12:20pm - 12:45pm IST
Lotus 3
  Security, Identity + Trust

12:45pm IST

Stateful AI Agents: Building Consistent Systems With MCP and Distributed SQL - Nasiullha Chaudhari, YugabyteDB & Vanshika Jain, Brudite Private Limited
Monday June 15, 2026 12:45pm - 1:10pm IST
Lotus 1
An agent processes a payment, hits a timeout, and retries. Now the payment has been charged twice. The model didn’t hallucinate. The workflow did exactly what it was told. The problem is that nobody designed the agent to be safe under retry.

This is a distributed systems problem.

When agents read data, take actions, and write results back, correctness depends on how state is managed across steps. Under retries or concurrent execution, the same workflow can produce conflicting outcomes.

This talk shows how to build stateful AI agents using the Model Context Protocol with a PostgreSQL-compatible distributed database. Instead of treating memory as embeddings, we treat it as structured, transactional state.

You will learn how to design MCP tools for database operations, manage multi-step workflows, and handle failure modes such as retries and idempotency. We will also explore consistency tradeoffs in distributed systems.

The session ends with concrete patterns for building reliable agents, including idempotent tools and safe retry design.
Speakers
avatar for Nasiullha Chaudhari

Nasiullha Chaudhari

Developer Engagement Manager, YugabyteDB
Nasiullha Chaudhari works as a Developer Engagement Manager at YugabyteDB, focusing on AI systems, distributed databases, and cloud-native architectures. He works on real-world AI agent systems and focuses on what it takes to run them reliably in production.

He is a Docker Captain and an international speaker who has spoken at developer and infrastructure conferences globally. He shares practical insights through his YouTube channel with 180K+ subscribers and with 70K+ followers on LinkedIn... Read More →
avatar for Vanshika Jain

Vanshika Jain

Lead Engineer-Developer Relations, Brudite Private Limited
Software Engineer turned Trainer and Public Speaker. I love talking about Cloud, DevOps, and the power of community to make tech more approachable. Through mentoring, training sessions, and talks, I try to help others grow in their tech journey.
Being in a startup, I didn’t just... Read More →
Monday June 15, 2026 12:45pm - 1:10pm IST
Lotus 1
  Building with MCP

12:45pm IST

Your MCP Server Is an Attacker's Dream: A Security Playbook From Real-World Assessments - Akash Mahajan, KLOUDLE Inc.
Monday June 15, 2026 12:45pm - 1:10pm IST
Lotus 3
MCP servers are quickly becoming the default interface between AI agents and production systems.

This speed has a cost. Most teams shipping MCP servers today are repeating the same security mistakes like overprivileged tool definitions, missing input validation, no transport-layer auth, and blind trust in what the LLM sends downstream.

This talk presents a practical security assessment playbook for MCP servers, built from hands-on penetration testing and security assessments of real MCP deployments.

We'll walk through the three-five most common vulnerability patterns seen in the wild.

- tool poisoning
- permission escalation
- transport misconfiguration
- server-side request forgery through tool arguments

For each vulnerability class, you'll see how the attack works, why it slips past code review, and what the fix looks like in practice.

Attendees will walk away with a repeatable methodology for assessing the security posture of any MCP server before it hits prod. Whether they built it or adopted it.
Speakers
AM
Monday June 15, 2026 12:45pm - 1:10pm IST
Lotus 3
  Security, Identity + Trust

3:50pm IST

Designing Low-Latency MCP Systems for High-Throughput Data Pipelines: Architecture and Bottlenecks, - Partha Sarthy, Applied Materials
Monday June 15, 2026 3:50pm - 4:15pm IST
Lotus 1
MCP simplifies AI-tool integration — but in high-throughput, latency-sensitive pipelines, its performance characteristics can quietly become the bottleneck. Iterative reasoning loops, sequential tool invocations, and context amplification compound in ways that are easy to miss in development and impossible to ignore in production.

This talk presents a structured decomposition of end-to-end MCP latency — reasoning, communication, execution, and coordination — giving engineers a precise framework for identifying where overhead actually lives. We then present targeted optimizations: parallel tool invocation, streaming responses, schema minimization, and intelligent caching.

The core architectural argument: MCP belongs on the control plane. Separating adaptive orchestration from data-plane execution preserves deterministic performance where it matters, while keeping model-driven flexibility where it adds value. A fast path versus intelligent path pattern follows naturally from this separation. A case study comparing naive and optimized pipeline implementations makes the gains concrete.
Speakers
avatar for Partha Sarthy

Partha Sarthy

Software Engineer, Applied Materials
I am a Software Engineer at Applied Materials working in the HPC and AI domain. I have a cumulative experience of close to 8.5 years and have served in companies like HPE, Juniper and Cisco. I am also an active member of IEEE and have presented in Conferences relating to Solid State... Read More →
Monday June 15, 2026 3:50pm - 4:15pm IST
Lotus 1
  Building with MCP

3:50pm IST

MCP Elicitation in the Wild: When Agents Ask for Too Much - Kaiwalya Koparkar, Gravitee.io
Monday June 15, 2026 3:50pm - 4:15pm IST
Lotus 3
Elicitation is one of MCP's most powerful and least governed features. It lets servers request additional input from users at runtime, enabling richer, more dynamic agent interactions. But in production environments, elicitation also opens a surface for agents to request sensitive data they shouldn't need, bypass approval flows, or trigger unintended actions under the guise of a helpful prompt. This session examines elicitation as a runtime governance problem: what it is at the protocol level, where the security boundary sits between server and client, and how to enforce limits on what agents can elicit without neutering the feature entirely. Drawing on real implementation experience, the talk covers policy patterns for elicitation scope control, audit logging of elicitation events, and the UX tradeoffs of locking it down. Attendees will leave with a clear framework for deciding when elicitation is safe, when it needs guardrails, and how to implement those guardrails in a running MCP deployment.
Speakers
avatar for Kaiwalya Koparkar

Kaiwalya Koparkar

Platform Advocate, Gravitee
Monday June 15, 2026 3:50pm - 4:15pm IST
Lotus 3
  Security, Identity + Trust

4:15pm IST

100 Agents in 100 Days: Patterns and Anti-Patterns for MCP-Based Multi-Agent Systems - Harish Kotra, Forge Alumnus
Monday June 15, 2026 4:15pm - 4:40pm IST
Lotus 2
Multi-agent systems on MCP are where most of the interesting architectural questions live: routing, state, retries, coordination, and what happens when any one of N tool calls misbehaves. Most talks on the topic are theoretical. This one is not.

Since early 2026 I've published one new AI agent every day at dailybuild.xyz. Many of them are multi-agent: price-war simulations, research pipelines, a local agent orchestration studio, a recursive research loop, human-in-the-loop travel planners, and a "swarm CFO" with policy-gated spend. Dozens of them plug into MCP servers.

In this session I'll pull out the ten orchestration patterns I now use by default when MCP is in the mix, and the ten I've thrown out. Topics include: why single-agent-with-many-tools usually beats a team of agents until it suddenly doesn't; how to design a router that survives tool-name collisions across multiple MCP servers; state strategies that don't rot; retry and compensation patterns for idempotent vs non-idempotent tools;

Every pattern in the talk is tied to a specific public build with working code, so attendees can go verify, fork, or challenge anything I claim.
Speakers
avatar for Harish Kotra

Harish Kotra

Fractional CTO, Forge Alumnus
Harish is a Fractional CTO and AI agent builder based in India. He previously led Developer Relations at Gaia and spent over a decade at AngelHack organizing 200+ hackathons. Since 2026 he's published one new open-source AI agent every day at dailybuild.xyz, 100+ builds spanning MCP... Read More →
Monday June 15, 2026 4:15pm - 4:40pm IST
Lotus 2
  Agent Architecture + Orchestration

4:15pm IST

Starling: Building a Pay-as-you-go MCP Server for Live Kubernetes Ops - Avinash Patil, Warble Cloud
Monday June 15, 2026 4:15pm - 4:40pm IST
Lotus 1
Most MCP demos stop at "hello world over stdio." Shipping a production MCP server means answering harder questions: How do you authenticate callers? How do you meter usage? How do you safely hand an LLM a live Kubernetes cluster without giving it the keys to prod?

This talk walks through Starling, a production MCP server that exposes 17 Kubernetes tools — from list_pods to scan_cluster — to Claude, Cursor, and VS Code. It runs live on GKE at ops-mcp.warblecloud.com, charges credits per tool call, and handles ephemeral kubeconfigs without ever persisting them.

We'll cover concrete design decisions: dual-transport architecture (stdio for desktop agents, HTTP for remote), a Firestore-backed credit ledger with atomic per-tool debits, mode-gated write tools (scale_deployment only when --mode=readwrite), and the security model for handing an LLM temporary cluster access.

Attendees leave with a working mental model for turning an MCP prototype into a billable, multi-tenant service — plus the exact auth, transport, and RBAC patterns they can lift into their own servers.
Speakers
avatar for Avinash Patil

Avinash Patil

Chief Flow Officer, Warble Cloud
Avinash Patil is the founder of warblecloud.com (Chirpstack LLP Entity ), building MCP-native Kubernetes tooling. He leads the Starling project, a production MCP server for cluster intelligence. Previously, he spent over 12 years leading cloud-native platform engineering at global... Read More →
Monday June 15, 2026 4:15pm - 4:40pm IST
Lotus 1
  MCP Protocol in Depth

4:15pm IST

Securing MCP Servers for the Enterprise: OAuth 2.0, Keycloak, and Spring Boot in Production - Vishal Singh, Quest2travel
Monday June 15, 2026 4:15pm - 4:40pm IST
Lotus 3
The MCP spec mandates OAuth 2.0 for HTTP-exposed servers, but most tutorials stop at "add a Bearer token." Enterprise deployments demand more: dynamic client registration, tool-level authorization, token introspection under load, and audit trails for compliance.

This session builds a production-grade MCP server with Spring Boot and the MCP Java SDK, secured by Keycloak. We cover: mapping OAuth scopes to MCP tool permissions, rate limiting per client credential with Bucket4j, wiring OpenTelemetry traces through the MCP request lifecycle, and handling edge cases at scale — token clock skew across distributed agents, graceful degradation when the IdP is unreachable, and preventing prompt injection from leaking privileged tool responses.

Attendees leave with a working architecture adaptable to any identity provider and a clear mental model of where MCP security ends and application security begins.

Breakdown: threat model (3 min), OAuth 2.0 + Keycloak layer (7 min), hardened Spring Boot server (8 min), edge cases from the field (5 min), architecture takeaway (2 min).
Speakers
avatar for Vishal Singh

Vishal Singh

Senior Software Developer, Quest2travel
Senior Software Developer at Quest2travel by MakeMyTrip, building Java/Spring Boot backend systems for B2B corporate travel at scale. Previously at Comviva (Tech Mahindra) on fintech platforms handling 3.5M+ API requests/day. Active open-source contributor to Keycloak (OIDC claim... Read More →
Monday June 15, 2026 4:15pm - 4:40pm IST
Lotus 3
  Security, Identity + Trust

4:40pm IST

What a Database Team Discovers Building an MCP Server - Sfurti Sarah, Yugabyte & Heather Downing, YugabyteDB
Monday June 15, 2026 4:40pm - 5:05pm IST
Lotus 1
Most MCP servers in production were built by AI teams. Meko's was built by a distributed SQL database team, and the view from this side of the stack is different.

Coming from storage, some decisions were obvious from day one. Memory, knowledge, conversation history, and structured data belong on one cluster, not four. Tenant isolation is a schema problem. The datapack, our per-agent namespace, fell out of the same instinct that builds any multi-tenant database.

Other decisions we only got right the second time. We started with a deployment model that gave every user their own MCP server, and pivoted to a shared fleet once we saw how real usage patterns played out. We shipped tools for capabilities that turned out to belong in skills. We learned where the language model needed a tight, opinionated surface and where it needed more room.

This talk is the story of what we brought to MCP from the database side, what we discovered once real agents started using it, and the pivots we made, including the ones still in flight.
Speakers
avatar for Sfurti Sarah

Sfurti Sarah

Senior Software Engineer, Yugabyte
Sfurti Sarah is a Senior Software Engineer at YugabyteDB working on Meko’s MCP server. Her work sits at the intersection of databases and LLMs, focusing on how these systems behave in real-world production environments.
avatar for HEATHER DOWNING

HEATHER DOWNING

Developer Advocate, YugabyteDB
Heather Downing is a Senior Developer Advocate at YugabyteDB and a Microsoft MVP focused on agentic AI, MCP, and secure software engineering.
7x MSFT MVP and fan of data in general.
Monday June 15, 2026 4:40pm - 5:05pm IST
Lotus 1
  Building with MCP

4:40pm IST

The AI-First Device Farm: Exposing Remote Hardware Infrastructure Via MCP - Kalyan Kolachala, SymphonyAI Group India & Vaishali Shetty, GetWell Network (SAI Group)
Monday June 15, 2026 4:40pm - 5:05pm IST
Lotus 2
For a geographically distributed Dev and QA team, accessing physical Set-Top Boxes for debugging is a constant bottleneck. By deploying Remote MCP, we transformed our physical STB testing lab into a shared, AI-accessible platform. This talk covers the infrastructure needed to host Remote MCP servers that interface with a fleet of physical devices. We will explore how developers can now use their local AI assistants (like Claude) to securely connect to, setup, and debug remote STBs as if they were sitting on their desks.
Speakers
avatar for Kalyan Kolachala

Kalyan Kolachala

Managing Director and Head of AI, SymphonyAI Group India
Kalyan is a senior engineering leader with experience in delivering world class, enterprise products and platforms involving SaaS, AI/ML, GenAI, Kubernetes, Cloud, and big data. He is currently India MD at SAI Group, a global enterprise AI leader. Worked previously at Intuit and Hitachi... Read More →
avatar for Vaishali Shetty

Vaishali Shetty

Architect - QA, Performance and Observability, GetWell Network (SAI Group)
Vaishali Shetty is a Principal Engineer at GetWell Network (SAI Group) and a Architect specializing in qa, performance, observability, and generative AI. She has held architect roles at Mycom and Hitachi Vantara, and leadership roles at Altisource Labs and Oracle. She designs testing... Read More →
Monday June 15, 2026 4:40pm - 5:05pm IST
Lotus 2
  Ecosystem, Registries + Platform Infrastructure

5:35pm IST

Beyond Tool Calls: Unlocking Interactive, Token-Smart Agents With MCP Apps - Suraj B, HDFC Bank
Monday June 15, 2026 5:35pm - 6:00pm IST
Lotus 1
MCP Apps are reshaping what a Model Context Protocol server can do — turning text-only tool exchanges into rich, interactive experiences embedded directly in the host. This session takes a builder's tour of the MCP Apps extension: core concepts, target use cases (dashboards, multi-step workflows, human-in-the-loop confirmations), the security model, and current limitations worth knowing before adoption.
A central theme is the visibility paradigm — letting UI carry state the model doesn't need to see, unlocking meaningful token savings on data-heavy flows. We'll cover iframe sandbox constraints, postMessage patterns, session-bound identity, and prompt-injection defenses for sensitive actions. We will also cover existing protocol limitations and work going on to address the same in exp-apps working group.
We close with a live Go-based demo executing a fund transfer flow end-to-end.
Speakers
avatar for Suraj B

Suraj B

Senior Software Engineer
Suraj is a contributor to the MCP Go SDK and member of the MCP Financial Services Interest Group. He is a Lead Backend and AI Engineer at HDFC Bank, building agentic AI platforms with a focus on MCP server architecture and token optimization. A Go developer with ~10 years of experience... Read More →
Monday June 15, 2026 5:35pm - 6:00pm IST
Lotus 1
  Building with MCP

5:35pm IST

Building Interactive Tools With MCP Elicitation - Ashwin Hariharan, Redis
Monday June 15, 2026 5:35pm - 6:00pm IST
Lotus 2
Most of us think of agent tools as vending machines - you put in the right input, you get the right output. Put in the wrong input, and you either get the wrong output or nothing at all.

This breaks for complex workflows where context is incomplete or intent is ambiguous. The tool either guesses wrong or fails outright. No back-and-forth, no clarification. Good AI tools built for conversation should explain what they need, what they'll do, and provide clear options.

In this session, we’ll look at how MCP elicitation works in practice across different workflows: covering ambiguous input, missing context, risky operations, and auth flows. Attendees will leave with concrete patterns for designing tools that go beyond transactional APIs to collaborative multi-turn interactions.
Speakers
avatar for Ashwin Hariharan

Ashwin Hariharan

Developer Advocate, Redis
Ashwin Hariharan is a Developer Advocate at Redis, with over eight years of experience as a full-stack software engineer. He's passionate about making complex ideas simple, helping developers build faster, more reliable systems, and understand the "why" behind the tools they use.
... Read More →
Monday June 15, 2026 5:35pm - 6:00pm IST
Lotus 2
  Building with MCP

5:35pm IST

Why Your MCP Server Needs Real Users — Implementing OAuth and Dynamic Client Registration for MCP - Tamil Vanan Karuppannan, Arcesium & Achanandhi M, EY
Monday June 15, 2026 5:35pm - 6:00pm IST
Lotus 3
ost MCP servers today ship with a simple setup: plug in an API key or a shared credential, and you're good to go. That works fine for a weekend hack, but the moment you bring MCP into an enterprise, things start to fall apart. You don't want MCP clients storing static usernames and passwords — that's a security incident waiting to happen. You can't tell who did what, you can't enforce fine-grained access control, and your security team is not going to be happy. What enterprises actually need is for users to authenticate through their existing SSO, get access to MCP servers based on who they are and what they're allowed to do, and have every action tied back to a real identity for audit and compliance.

In this talk, we use the OpenSearch MCP Server as a concrete example to show why this matters and what we can do about it. We'll walk through extending the server to support OAuth 2.0 Authorization Code Flow with PKCE and Dynamic Client Registration (DCR), following the MCP authorization spec.
Speakers
avatar for Tamil Vanan Karuppannan

Tamil Vanan Karuppannan

Principal Engineer, Arcesium
Tamil vanan is a cloud native Tech lead at Arcesium and a former Kubernetes SME at VMware. He is passionate about finding solutions to problems in the cloud native environment.

He works with cloud-native technologies like Kubernetes, multi-cloud and networking. He is a passionate supporter of open source and CNCF and actively participates in it... Read More →
avatar for Achanandhi M

Achanandhi M

Advanced Analyst, EY
Achanandhi is an open source advocate who enjoys exploring new technologies and loves building communities. He actively contributes to open source projects and frequently speaks at community events, sharing knowledge about cloud-native technologies and open source. He is passionate... Read More →
Monday June 15, 2026 5:35pm - 6:00pm IST
Lotus 3
  Security, Identity + Trust

6:00pm IST

Building an MCP Marketplace: Lessons in Discovery, Versioning, and Trust - Saurabh Mishra, Optum/UnitedHealthGroup
Monday June 15, 2026 6:00pm - 6:25pm IST
Lotus 1
This talk shares practical lessons from building a marketplace for MCP servers covering how to design a discovery layer that goes beyond a simple registry, handle versioning without breaking agent workflows, and establish trust signals (author verification, schema validation, sandboxed execution scores) that developers can actually rely on.
Attendees will walk away with concrete patterns for publishing and consuming MCP servers at scale, and an honest look at what breaks when you try to standardize a fast-moving ecosystem.
Speakers
avatar for Saurabh Mishra

Saurabh Mishra

Lead DevOps Engineer, Optum (UnitedHealthGroup)
Saurabh Mishra is a Cloud Evangelist and architect dedicated to high-level automation and DevOps excellence. He actively engages with the global tech community, sharing insights on cloud-native technologies, security best practices and multi-cloud strategies.As an experienced speaker and mentor... Read More →
Monday June 15, 2026 6:00pm - 6:25pm IST
Lotus 1
  Building with MCP

6:00pm IST

Stop the Wild Goose Chase: Enterprise Agents With Goose - Ram Iyengar, OpenSSF
Monday June 15, 2026 6:00pm - 6:25pm IST
Lotus 2
The promise of autonomous AI agents has sent engineering teams on a wild goose chase—juggling vendor lock-in, unpredictable costs, & security nightmares all for an agent to execute a simple workflow.

Stop chasing and start building!

Enter goose: the open-source, general-purpose framework, designed to run natively on your machine. It connects to any LLM. goose shifts the paradigm from fragile and remote to robust and local.

In this talk, we shall explore how to successfully architect and deploy goose within an enterprise environment. Chop through hype to demonstrate how goose leverages MCP to integrate with your choice of tools. More importantly, we will tackle the critical enterprise realities of deploying autonomous agents: establishing strict token budgets, implementing robust security guardrails to prevent destructive terminal commands, and building "Custom Distros" to standardize AI workflows across your entire engineering organization.

Automate mundane research, streamline CI/CD, or safely vibecode ― you will leave this session with a practical blueprint for making open-source agents work for your enterprise, thanks to goose.
Speakers
avatar for Ram Iyengar

Ram Iyengar

India Community lead, OpenSSF
Ram Iyengar is an engineer by practice and an educator at heart. He was (cf) pushed into technology evangelism along his journey as a developer and hasn’t looked back since! He enjoys helping engineering teams around the world discover new and creative ways to work. He is a proponent... Read More →
Monday June 15, 2026 6:00pm - 6:25pm IST
Lotus 2
  Enterprise Adoption + Integration

6:25pm IST

Who Do You Trust? Securing Multi-Agent MCP Systems in Healthcare - Yuvraj Pradhan, MIT ADT University & Archana Kumari, MIT ADT University
Monday June 15, 2026 6:25pm - 6:50pm IST
Lotus 3
An LLM caught my friend’s condition that doctors took two months to confirm. We asked: what happens when multiple specialised models review the same case together?

We built ConsensusMed on MCP. Each specialist model for a medical domain runs as an independent MCP server, and an orchestrator coordinates their outputs and decides what to trust when models disagree.

Multi-agent clinical systems face real attack surfaces:

- A malicious MCP server can exfiltrate OAuth tokens and impersonate legitimate users
- Prompt injection in clinical reports silently shifts outputs before consensus
- Tampered model weights corrupt findings with no OAuth scope catching it

So we built a trust layer directly into MCP:

- An MCP interceptor proxy redacts PHI using NER before any tool call reaches a specialist server
- The chairman verifies SHA-256 hashes of model weights against Ed25519-signed manifests before spawning
- Specialists run as stdio subprocesses. They never bind to a port. Network access is structurally impossible.

For regulated environments, we built an air-gapped MCP registry that operates entirely offline with cryptographic verification before execution.
Speakers
avatar for Yuvraj Pradhan

Yuvraj Pradhan

AI Systems Engineer, MIT-ADT UNIVERSITY
Yuvraj Pradhan is an AI Systems Engineer specialising in cost-efficient GenAI and secure multi-agent architectures. He is the first author of research published in Springer Nature on architecting a 125M-parameter NanoLLM for STEM tasks that outperforms significantly larger models... Read More →
avatar for Archana Kumari

Archana Kumari

Ai Systems Developer, MIT ADT University
Archana Kumari is an AI Systems Developer building practical machine learning systems and edge AI applications. Her work spans LLMs, computer vision on embedded devices, and full-stack tooling with Python and Java. She has developed multi-agent reasoning frameworks and voice-assisted... Read More →
Monday June 15, 2026 6:25pm - 6:50pm IST
Lotus 3
  Security, Identity + Trust
 
  • Filter By Date
    Jun 14 - 15, 2026
  • Filter By Venue
    Bengaluru, Karnataka, India
    All
    Lotus 1
    Lotus 2
    Lotus 3
    Lotus Concourse
  • Filter By Type
    Agent Architecture + Orchestration
    Building with MCP
    Ecosystem, Registries + Platform Infrastructure
    Enterprise Adoption + Integration
    Keynote
    MCP Protocol in Depth
    Meals + Breaks + Special Events
    Registration
    Security, Identity + Trust
  • Audience Experience Level
    Advanced
    Any
    Beginner
    Intermediate
  • Timezone

Get help with the event

Contact event planner Event login
View support guides Find upcoming events
Create an event you'd love to attend!
Explore why organizers choose Sched Success stories
Event App Event scheduling Event registration Event ticketing Sched forms Call for papers Badges Conferences
© 2026. SCHED LLC - All rights reserved - Helping events since 2008
Conference Scheduling App Privacy Terms
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Sunday, June 14
Monday, June 15
Lotus 1
Lotus 2
Lotus 3
Lotus Concourse
  • Agent Architecture + Orchestration
  • Building with MCP
  • Ecosystem, Registries + Platform Infrastructure
  • Enterprise Adoption + Integration
  • Keynote
  • MCP Protocol in Depth
  • Meals + Breaks + Special Events
  • Registration
  • Security, Identity + Trust
  • Audience Experience Level
  • Advanced
  • Any
  • Beginner
  • Intermediate