Loading…
June 14-15, 2026
Mumbai, India
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for MCP Dev Summit Mumbai to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration..

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.


Venue: Lotus 3 (Level 3) clear filter
Sunday, June 14
 

10:00am IST

Workshop: Building scalable, edge-native, production-grade MCP tools with RUST - Rajesh Sola, KPIT
Sunday June 14, 2026 10:00am - 11:00am IST
The emergence of the Model Context Protocol is transforming how AI agents interact with tools, data, and real-world systems. However, most early MCP implementations rely on high-level runtimes that are not well-suited for embedded and resource-constrained edge environments. This session explores how RUST enables a new class of high-performance, memory-safe MCP servers designed specifically for Embedded Linux–powered edge devices.

In this tutorial, I'll walk through building a lightweight MCP server, bridging physical data sources into LLM-readable formats, enabling intelligent agents to reason over live edge data using Rust.

- Why MCP for Edge AI Systems?
- Why RUST?
- Building simple server using rmcp and testing with a client
- Bridging physical word e.g. Sensors, Telemetry, File Systems and structuring LLM-readable context, data pipelines
- High-performance Edge MCP Runtime - Async & Concurrency Models for scalable communication (MQTT, HTTP, gRPC etc.)
- Observability, tracing & Debugging
- Bring MCP in Agent loop, Using Rig for orchestration
- Deploying to target board, cross compilation steps
- Case Study: Building an Edge MCP Agent, e.g. Telemetry and Diagnostics
Speakers
avatar for Rajesh Sola

Rajesh Sola

Education Architect, KPIT Technologies Ltd
Rajesh is working as an Education Architect at KPIT technologies Ltd. He is currently focusing on technical competency building for middleware technologies and connected vehicle solutions. He has 20 years of experience with core focus on Modern Programming, System Design, Embedded... Read More →
Sunday June 14, 2026 10:00am - 11:00am IST
Lotus 3 (Level 3)
  Building with MCP

11:30am IST

Workshop: Building Production-Ready MCP Servers: Lessons From an Open Source Template - Abhishek Kumar & Deepak Koul, Red Hat
Sunday June 14, 2026 11:30am - 12:30pm IST
**Space Limited - First Come, First Served.  Please bring a fully charged laptop to the workshop**

Most MCP tutorials stop at "hello world." This session goes further. We will walk through how we built a production-grade, open source MCP server template at Red Hat, covering FastMCP + FastAPI integration, multiple transport protocols (HTTP, SSE, streamable-HTTP), OAuth with PostgreSQL token storage, structured logging, and OpenShift deployment manifests. Attendees will leave with a clear mental model of what it actually takes to go from a local MCP prototype to something you can run in production on Kubernetes. We will also share the design decisions we made, the mistakes we avoided, and how developers can use this template as a starting point for their own MCP servers.
Speakers
avatar for Deepak Koul

Deepak Koul

Senior Engineering Manager, Red Hat

Likes to ideate, build and talk about AI
avatar for Abhishek Kumar

Abhishek Kumar

Architect, Red Hat
Architect & Technical Lead at Red Hat with 15+ years in backend, distributed systems, and cloud-native tech. Currently building Agentic AI solutions using MCP, AI agents, and intelligent data platforms. Works across Java, Python, AWS, Quarkus, and OpenShift. Passionate about open... Read More →
Sunday June 14, 2026 11:30am - 12:30pm IST
Lotus 3 (Level 3)
  Building with MCP
  • Audience Experience Level Any
  • Session Slides Yes

3:20pm IST

Who's Calling? Bringing Identity To the MCP Host - Ayesha Dissanayaka, WSO2
Sunday June 14, 2026 3:20pm - 3:45pm IST
The MCP authorization spec gives us a clean OAuth 2.1 story between clients and servers. What it leaves out of scope is the host itself, the AI agent orchestrating the conversation. That's where enterprise deployments quietly break.

An MCP host is not a passive pipe. It accepts requests from users, services, and peer agents, reasons with LLMs, and invokes tools across many servers. Every edge is an identity boundary. Without a first-class host identity, no stable credentials, no verifiable delegation, no independent audit trail, every downstream decision inherits that ambiguity. Who made this tool call? The user? The agent on their behalf? The agent autonomously? Most deployments cannot answer, so they cannot enforce least privilege or satisfy audit.

This talk treats the MCP host as a first-class identity through four disciplines: Administer (lifecycle, credentials), Authenticate (how a host proves itself), Authorize (delegation vs. impersonation, token exchange, actor claims), and Audit (trails that separate agent action from user intent). For each, we'll show what the spec covers, where the gap sits, and which extensions and emerging patterns are converging to close it.
Speakers
avatar for Ayesha Dissanayaka

Ayesha Dissanayaka

Associate Director / Architect, WSO2
Ayesha is Lead Architect for Identity and Access Management for Agentic AI at WSO2, specializing in securing autonomous AI systems. With over a decade in enterprise IAM, she architects identity solutions for AI agents, bridging traditional frameworks with emerging AI security needs... Read More →
Sunday June 14, 2026 3:20pm - 3:45pm IST
Lotus 3 (Level 3)
  Security, Identity + Trust

3:50pm IST

Building an Enterprise MCP Registry: Secure Discovery, Governance, and Reuse at Scale - Kushagra Mittal, Motorola Solutions & Dhruv Agarwal, Motorola Solutions
Sunday June 14, 2026 3:50pm - 4:15pm IST
As enterprises scale AI operations to support hundreds of agents and thousands of users, they inevitably hit an architectural wall. The friction points fall into three categories: visibility, control, and reuse. Teams struggle to discover existing agents and MCP servers across a large organization, platform teams need to govern publication and enforce security, and siloed groups waste time rebuilding capabilities that already exist. Without a centralized registry, agent sprawl grows, compliance risk increases, and critical knowledge stays trapped in local teams. In this session, we will share how the Motorola Solutions Platform Engineering team addressed this bottleneck by building a shared discovery and governance layer for internal AI resources. We will unpack the patterns behind our internal MCP catalog, including agent and prompt versioning, team-based visibility controls, approval workflows, and automated security scanning before resources are broadly shared. We focus on what broke early, and what won trust first. Attendees will leave with a practical, vendor-agnostic blueprint for making MCP resources easier to discover, safer to publish, and more reusable at enterprise scale
Speakers
avatar for Dhruv Agarwal

Dhruv Agarwal

Software Engineer, Motorola Solutions
Innovative Software Engineer at Motorola Solutions R&D, focused on the future of AI and digital authenticity. Expertly navigating the frontier of MCP, A2A, and C2PA to deliver secure, scalable, and durable software at industry-leading speeds. REVA University Alumnus with a lifelong... Read More →
avatar for Kushagra Mittal

Kushagra Mittal

Software Developer, Motorola Solutions
Passionate software engineer based in Bangalore, India. Currently a part of team where we lead the effort in AI R&D for the organization.
Sunday June 14, 2026 3:50pm - 4:15pm IST
Lotus 3 (Level 3)

4:20pm IST

Operationalizing MCP: Security, Control Planes, and Risk Governance - Sagar Dashora, JPMorgan Chase & Co
Sunday June 14, 2026 4:20pm - 4:45pm IST
As the Model Context Protocol (MCP) emerges as a standard interface for connecting models, agents, and tools, organizations are exploring MCP servers while also evaluating the operational and security implications of adopting them at scale. This session proposes the solutions and guardrails to address the common security issues such as lethal trifecta, tool poisoning and access misuse.

The talk will outline how MCP registry, control planes, secure gateways and trust boundaries a work together to enable risk governance, security, and operational reliability across agent and MCP ecosystems.

While examples may reference specific approaches, the session remains implementation-neutral and focuses on how these controls collectively establish a safe and scalable MCP environment. Attendees will gain a holistic understanding of how layered controls can address the security concerns and operational risks associated with MCP servers, helping organizations move toward trusted, scalable MCP ecosystems.
Speakers
avatar for Sagar Dashora

Sagar Dashora

Senior Vice President, JPMorgan Chase & Co
Design architect and lead for MCP and Agentic directories and security control planes in JPMorgan Chase. Member and active contributor to the Agentic AI Foundation(AAIF) working groups focused on Security, Identity, Trust and Governance for agentic AI systems.
Sunday June 14, 2026 4:20pm - 4:45pm IST
Lotus 3 (Level 3)
  Security, Identity + Trust

5:20pm IST

Closing the AuthZ Gap in MCP: Policy-Driven Tool Invocation Control - Oshi Gupta, Infracloud Technologies - An Improving Company & Sonali Srivastava, Improving
Sunday June 14, 2026 5:20pm - 5:45pm IST
MCP tools give AI agents direct access to external services - production databases, internal APIs, third-party platforms. But most teams deploying MCP today have no answer to a simple question: who authorized that tool call?

MCP has made remarkable strides in standardizing agent-to-tool connectivity - but AuthN and AuthZ at the tool invocation layer remain an open problem. Tool calls are dynamic and runtime-driven; static Kubernetes RBAC has no vocabulary for per-tool, per-agent, or per-parameter enforcement. There is no native spec primitive to say "only this agent can call this tool."

In multi-tenant environments this gets worse - one misconfigured agent can invoke tools across tenant boundaries and nobody finds out until the damage is done. Teams filling this gap today are relying on custom middleware, app-level checks, or nothing at all.

This talk explores where MCP's authorization model falls short and how policy-as-code closes the gap - with Kyverno as one strong implementation path. The session walks through real ClusterPolicy configurations, multi-tenant isolation patterns, and hard-won lessons from tuning enforcement without breaking production agents.
Speakers
avatar for Oshi Gupta

Oshi Gupta

Site Reliability Engineer, Improving Pune (Infracloud)
Oshi Gupta works as a Site Reliability Engineer at Improving Pune (Infracloud). She is a CNCF Kubestronaut , AWS Solutions Architect-Associate certified and LFX mentee for CNCF Kyverno.
avatar for Sonali Srivastava

Sonali Srivastava

Senior Developer Advocate, Improving
Sonali Srivastava is a Senior Developer Advocate at Improving, Co-chair KubeCon India 2026, and Co-organizer CNCF Women in Cloud Native. With experience across system administration, open source contribution and developer advocacy, she focuses on bridging gap between developers and... Read More →
Sunday June 14, 2026 5:20pm - 5:45pm IST
Lotus 3 (Level 3)
  Security, Identity + Trust
  • Audience Experience Level Any
  • Session Slides Yes

5:50pm IST

Orchestrating Agent Swarms With MCP, Sandboxing and Shared Filesystems - Vikram Vaswani, Developer Advocate
Sunday June 14, 2026 5:50pm - 6:15pm IST
Single agents calling MCP tools is a solved problem. Multi-agent swarms, where several agents coordinate on the same task, isn't.

The moment you go from one agent to three, you hit a set of problems that MCP itself doesn't solve and that most orchestration frameworks only paper over: how do agents share state without drowning each other in JSON, how do you isolate their execution when they're all touching the same files, and how does one agent pick up where another left off?

This talk walks through those three problems using a concrete example: a code review swarm. Three specialized reviewer agents (style, security, test coverage) work on the same PR in parallel. A fourth, a developer agent, reads their findings and applies the fixes. Each agent runs in its own isolated sandbox. They collaborate through a shared filesystem rather than by passing context in prompts.

This is a technical deep dive covering:
- why traditional file storage mechanisms are not optimized for agentic workloads
- why shared workspaces are better than passing state through prompts or RAG lookups
- why isolation boundaries are important when agents execute code

Includes live demo of swarm.
Speakers
avatar for Vikram Vaswani

Vikram Vaswani

Developer Advocate, Self Employed - Consultant
Vikram Vaswani is a developer advocate, open source consultant, and technical author with 20+ years of experience helping teams adopt and scale open source technologies. He is the author of seven books published by McGraw-Hill and Pearson, with translations in multiple languages... Read More →
Sunday June 14, 2026 5:50pm - 6:15pm IST
Lotus 3 (Level 3)

6:20pm IST

Zero-Trust Execution: Sandboxing MCP Data Agents With WebAssembly - Shuva Jyoti Kar, Palo Alto Networks
Sunday June 14, 2026 6:20pm - 6:45pm IST
The Model Context Protocol (MCP) standardizes context retrieval and tool execution, but granting LLMs access to dynamic execution environments introduces critical runtime vulnerabilities. Traditional containerization (e.g., Docker/containerd) introduces unacceptable latency overhead for sub-second agentic loops, while static IAM/RBAC models fundamentally fail to constrain non-deterministic generated code.

This technical session details the architectural implementation of embedding a WebAssembly (WASM) runtime within an MCP server to enforce a strict, capability-based execution boundary. We will deconstruct how to compile MCP tools to WASM modules and utilize the WebAssembly System Interface (WASI) to ensure that any logic invoked by an LLM is isolated from the host operating system.
Speakers
avatar for SHUVA JYOTI KAR

SHUVA JYOTI KAR

Senior Principal Engineer, Palo Alto Networks
Shuva is a Senior Principal Engineer at Palo Alto Networks architecting secure enterprise AI platforms. He is authoring two upcoming books: Engineering the Data Agent Control Plane (O'Reilly) and Agent Skills in Action (Manning). An open-source contributor and former OpenDaylight... Read More →
Sunday June 14, 2026 6:20pm - 6:45pm IST
Lotus 3 (Level 3)
  Security, Identity + Trust
 
Monday, June 15
 

11:30am IST

The Invincible MCP Server: Building Crash-Proof AI Tools With Durable Execution - Shubham Londhe, Temporal
Monday June 15, 2026 11:30am - 11:55pm IST
We All have been building AI Agents with MCP since it launched in 2024, but there's one thing no one is talking about - "What happens when MCP Fails? (and they fail often). MCP is just a process and it can crash, and so will the AI agent progress, it all can vanish with a crash.

Well, the new Tasks primitive in MCP (SEP-1686) helps a lot, it gives your AI agents a way to hand off long-running tools, but it doesn't solve the real problem. They don't maintain the state when the server crashes.

In this session, I'll do a live demo of a Kubernetes Auto Healing AI Agent with MCP server and walk through how to wrap MCP tool logic in workflows that survive crashes, restarts, and network failures.
I'll cover how to handle human-in-the-loop approvals inside long-running tools, how to retries and state-management, and how to observe what your MCP tools are doing in production.

I'll be breaking a running server on stage and show you the agent recovering without losing a step. Hence "The Invincible MCP Server"
Speakers
avatar for Shubham Londhe

Shubham Londhe

Senior Developer Advocate, Temporal
Hello Dosto, I am Shubham Londhe, a Senior Developer Advocate, passionate about developing and deploying production-ready applications.

Its been more than 9+ years in the IT industry and having worked with AWS, Temporal, gave me a lens of how Production-readiness works.

I take this experience and share it with learners across India through my YouTube channel "TrainWithShubham" with over 175000 subscribers. Happy Learning... Read More →
Monday June 15, 2026 11:30am - 11:55pm IST
Lotus 3 (Level 3)
  Building with MCP

12:00pm IST

From Shadow MCP To Sanctioned MCP: Building an Enterprise Agent Governance Program - Navin Pai, StackGen & Archana Rajkumar, SentinelOne
Monday June 15, 2026 12:00pm - 12:25pm IST
MCP has become the de-facto "standard" for exposing the external environment to agents, but security has always been a trailing concern, making a lot of platform teams sweat under the collar. Policy checks and tool-call authentication were tacked on quickly, but are quickly being seen are necessary but not sufficient. This session zooms out from single-agent enforcement to the operational challenge security and platform teams actually face in 2026: dozens of agents, hundreds of MCP server connections, multiple clouds, rogue tool registrations, and no centralized visibility into what's running.

This session presents a multi-stage maturity model for enterprise MCP governance, to help take practitioners from "we have no idea what's running" to "every tool call is governed, audited, and compliant with internal policies", and shows how to build the program incrementally, without boiling the ocean in the process and slowing down developer velocity.
Speakers
avatar for Navin Pai

Navin Pai

Director of Engineering, StackGen
Navin is a Founding Engineer at OpsVerse. You'll often find him on the internet, getting into flamewars about observability, large scale system design, and open source software
avatar for Archana Rajkumar

Archana Rajkumar

Staff Software Engineer, SentinelOne
I am a Staff Software Engineer at SentinenOne, and enjoy working at the intersection of AI, CyberSecurity and DevOps
Monday June 15, 2026 12:00pm - 12:25pm IST
Lotus 3 (Level 3)
  Security, Identity + Trust

12:30pm IST

Your AI Chatbot Just Exposed Your CEO’s Salary To an Intern: Securing Enterprise AI Agents - Hasini Samarathunga & Sahan Dilshan, WSO2
Monday June 15, 2026 12:30pm - 12:55pm IST
Have you ever worried that your new AI Agent might be a little too helpful? Imagine an intern asking an HR chatbot, "What is the CEO's salary?" and the bot, designed to be helpful, promptly fetches it.

As we equip LLMs with tools via the MCP to query internal systems, we introduce a significant data privacy risk if the agent cannot distinguish who is making the request.

In this session, we’ll explore the critical intersection of IAM and AI agents. You’ll see how to implement fine-grained access control and “on-behalf-of” user execution in MCP servers. By securely propagating user context, an agent ensures that when the CEO queries salary data, the data is delivered, but when an intern makes the same request, the system restricts it.

We’ll also dive into the “Human-in-the-Loop” (HITL) pattern, a safeguard that pauses high-risk actions for explicit human approval. You’ll learn how to design secure-by-default MCP architectures using standard authentication flows, zero-trust permissioning, and HITL workflows to keep your AI agents aligned, controlled, and trustworthy.
Speakers
avatar for Hasini Samarathunga

Hasini Samarathunga

Senior Software Engineer, WSO2
Hasini Samarathunga is a Senior Software Engineer at WSO2, with 3+ years of experience specializing in IAM and B2B domains. She is currently working on building B2B capabilities for MCP servers and introducing Agent-as-a-Service within WSO2 Identity Server.

She believes great tech talks should cut through the buzzwords and make complex ideas accessible, ensuring everyone, regardless of experience level, can walk away having learned something useful... Read More →
avatar for Sahan Dilshan

Sahan Dilshan

Associate Tech Lead, WSO2
Sahan Dilshan is an Associate Tech Lead at WSO2, where he has spent the past five years designing and building identity and access management features. His current focus sits at the intersection of two complementary areas: IAM for AI securing agentic systems with proper identity... Read More →
Monday June 15, 2026 12:30pm - 12:55pm IST
Lotus 3 (Level 3)
  Security, Identity + Trust

2:25pm IST

Your MCP Server Is an Attacker's Dream: A Security Playbook From Real-World Assessments - Akash Mahajan, KLOUDLE Inc.
Monday June 15, 2026 2:25pm - 2:50pm IST
MCP servers are quickly becoming the default interface between AI agents and production systems.

This speed has a cost. Most teams shipping MCP servers today are repeating the same security mistakes like overprivileged tool definitions, missing input validation, no transport-layer auth, and blind trust in what the LLM sends downstream.

This talk presents a practical security assessment playbook for MCP servers, built from hands-on penetration testing and security assessments of real MCP deployments.

We'll walk through the three-five most common vulnerability patterns seen in the wild.

- tool poisoning
- permission escalation
- transport misconfiguration
- server-side request forgery through tool arguments

For each vulnerability class, you'll see how the attack works, why it slips past code review, and what the fix looks like in practice.

Attendees will walk away with a repeatable methodology for assessing the security posture of any MCP server before it hits prod. Whether they built it or adopted it.
Speakers
avatar for Akash Mahajan

Akash Mahajan

Founder CEO, KLOUDLE Inc.
Akash Mahajan is the founder and CEO of Kloudle, the security posture layer for the AI software factory. Kloudle helps teams find, prove, and gate security issues across cloud infrastructure, MCP servers, apps, and APIs before agents ship them to production.

Akash has spent 20+ ye... Read More →
Monday June 15, 2026 2:25pm - 2:50pm IST
Lotus 3 (Level 3)
  Security, Identity + Trust

2:55pm IST

MCP Elicitation in the Wild: When Agents Ask for Too Much - Kaiwalya Koparkar, Gravitee.io
Monday June 15, 2026 2:55pm - 3:20pm IST
Elicitation is one of MCP's most powerful and least governed features. It lets servers request additional input from users at runtime, enabling richer, more dynamic agent interactions. But in production environments, elicitation also opens a surface for agents to request sensitive data they shouldn't need, bypass approval flows, or trigger unintended actions under the guise of a helpful prompt. This session examines elicitation as a runtime governance problem: what it is at the protocol level, where the security boundary sits between server and client, and how to enforce limits on what agents can elicit without neutering the feature entirely. Drawing on real implementation experience, the talk covers policy patterns for elicitation scope control, audit logging of elicitation events, and the UX tradeoffs of locking it down. Attendees will leave with a clear framework for deciding when elicitation is safe, when it needs guardrails, and how to implement those guardrails in a running MCP deployment.
Speakers
avatar for Kaiwalya Koparkar

Kaiwalya Koparkar

Platform Advocate, Gravitee
Monday June 15, 2026 2:55pm - 3:20pm IST
Lotus 3 (Level 3)
  Security, Identity + Trust

3:25pm IST

Securing MCP Servers for the Enterprise: OAuth 2.0, Keycloak, and Spring Boot in Production - Vishal Singh, Quest2travel
Monday June 15, 2026 3:25pm - 3:50pm IST
The MCP spec mandates OAuth 2.0 for HTTP-exposed servers, but most tutorials stop at "add a Bearer token." Enterprise deployments demand more: dynamic client registration, tool-level authorization, token introspection under load, and audit trails for compliance.

This session builds a production-grade MCP server with Spring Boot and the MCP Java SDK, secured by Keycloak. We cover: mapping OAuth scopes to MCP tool permissions, rate limiting per client credential with Bucket4j, wiring OpenTelemetry traces through the MCP request lifecycle, and handling edge cases at scale — token clock skew across distributed agents, graceful degradation when the IdP is unreachable, and preventing prompt injection from leaking privileged tool responses.

Attendees leave with a working architecture adaptable to any identity provider and a clear mental model of where MCP security ends and application security begins.

Breakdown: threat model (3 min), OAuth 2.0 + Keycloak layer (7 min), hardened Spring Boot server (8 min), edge cases from the field (5 min), architecture takeaway (2 min).
Speakers
avatar for Vishal Singh

Vishal Singh

Cloud Infrastructure Operations Engineer, Siemens Healthineers
Senior Software Developer at Quest2travel by MakeMyTrip, building Java/Spring Boot backend systems for B2B corporate travel at scale. Previously at Comviva (Tech Mahindra) on fintech platforms handling 3.5M+ API requests/day. Active open-source contributor to Keycloak (OIDC claim... Read More →
Monday June 15, 2026 3:25pm - 3:50pm IST
Lotus 3 (Level 3)
  Security, Identity + Trust

3:55pm IST

Stop the Wild Goose Chase: Enterprise Agents With Goose - Ram Iyengar, OpenSSF
Monday June 15, 2026 3:55pm - 4:20pm IST
The promise of autonomous AI agents has sent engineering teams on a wild goose chase—juggling vendor lock-in, unpredictable costs, & security nightmares all for an agent to execute a simple workflow.

Stop chasing and start building!

Enter goose: the open-source, general-purpose framework, designed to run natively on your machine. It connects to any LLM. goose shifts the paradigm from fragile and remote to robust and local.

In this talk, we shall explore how to successfully architect and deploy goose within an enterprise environment. Chop through hype to demonstrate how goose leverages MCP to integrate with your choice of tools. More importantly, we will tackle the critical enterprise realities of deploying autonomous agents: establishing strict token budgets, implementing robust security guardrails to prevent destructive terminal commands, and building "Custom Distros" to standardize AI workflows across your entire engineering organization.

Automate mundane research, streamline CI/CD, or safely vibecode ― you will leave this session with a practical blueprint for making open-source agents work for your enterprise, thanks to goose.
Speakers
avatar for Ram Iyengar

Ram Iyengar

Chief Evangelist, CF
Ram Iyengar is an engineer by practice and an educator at heart. He was (cf) pushed into technology evangelism along his journey as a developer and hasn’t looked back since! He enjoys helping engineering teams around the world discover new and creative ways to work. He is a proponent... Read More →
Monday June 15, 2026 3:55pm - 4:20pm IST
Lotus 3 (Level 3)

4:50pm IST

Sponsored Session: Your Agents don't like to talk to APIs : Building Multi-agent systems with MCPs - Anannya Roy Chowdhury, AWS
Monday June 15, 2026 4:50pm - 5:15pm IST
Modern AI agents struggle not because of reasoning limits, but because of interaction with tools on interfaces designed for humans. In agentic systems, this mismatch leads to incorrect tool selection, redundant calls, increased latency, & weak workflows that fail under real-world conditions. As MCP emerges as a standard for how models connect with tools & applications (LF Events), it provides a path to move from heuristic interactions to structured, contract-driven systems.

Taking a travel customer use case, this talk explores how the MCP redefines agent-tool interaction through schema-based contracts, enabling deterministic execution & reducing ambiguity. We’ll dive into MCP architecture—servers, clients, transports—& demonstrate how standardized tool definitions improve reliability & efficiency in agent workflows. We’ll compare a traditional API-driven approach with an MCP-based design, highlighting measurable improvements in latency, cost, & system behavior.

We’ll also cover production architectures: building MCP-compliant services, scaling them using containerized infrastructure, & implementing observability, security, & governance & failure handling real-world deployments.
Speakers
avatar for Anannya Roy Chowdhury

Anannya Roy Chowdhury

Developer Advocate, AWS
Anannya is an AI Engineer and Architect specializing in Agentic systems, production-grade GenAI, and Responsible AI design. As a GenAI Developer/Advocate at AWS, she works at the intersection of building multi-agent architectures, observability, and real-world AI deployment to—helping... Read More →
Monday June 15, 2026 4:50pm - 5:15pm IST
Lotus 3 (Level 3)
  Building with MCP
  • Session Slides Yes

5:20pm IST

Who Do You Trust? Securing Multi-Agent MCP Systems in Healthcare - Yuvraj Pradhan, MIT ADT University & Archana Kumari, MIT ADT University
Monday June 15, 2026 5:20pm - 5:45pm IST
An LLM caught my friend’s condition that doctors took two months to confirm. We asked: what happens when multiple specialised models review the same case together?

We built ConsensusMed on MCP. Each specialist model for a medical domain runs as an independent MCP server, and an orchestrator coordinates their outputs and decides what to trust when models disagree.

Multi-agent clinical systems face real attack surfaces:

- A malicious MCP server can exfiltrate OAuth tokens and impersonate legitimate users
- Prompt injection in clinical reports silently shifts outputs before consensus
- Tampered model weights corrupt findings with no OAuth scope catching it

So we built a trust layer directly into MCP:

- An MCP interceptor proxy redacts PHI using NER before any tool call reaches a specialist server
- The chairman verifies SHA-256 hashes of model weights against Ed25519-signed manifests before spawning
- Specialists run as stdio subprocesses. They never bind to a port. Network access is structurally impossible.

For regulated environments, we built an air-gapped MCP registry that operates entirely offline with cryptographic verification before execution.
Speakers
avatar for Yuvraj Pradhan

Yuvraj Pradhan

AI Systems Engineer, MIT-ADT UNIVERSITY
Yuvraj Pradhan is an AI Systems Engineer specialising in cost-efficient GenAI and secure multi-agent architectures. He is the first author of research published in Springer Nature on architecting a 125M-parameter NanoLLM for STEM tasks that outperforms significantly larger models... Read More →
avatar for Archana Kumari

Archana Kumari

Ai Systems Developer, MIT ADT University
Archana Kumari is an AI Systems Developer building practical machine learning systems and edge AI applications. Her work spans LLMs, computer vision on embedded devices, and full-stack tooling with Python and Java. She has developed multi-agent reasoning frameworks and voice-assisted... Read More →
Monday June 15, 2026 5:20pm - 5:45pm IST
Lotus 3 (Level 3)
  Security, Identity + Trust

5:50pm IST

MCP-Powered Ops: Red Hat Kubernetes MCP & Grafana MCP for Mission-Critical Applications - Rishi Nikhilesh Damerla & Sayantan Karmakar, Motorola Solutions
Monday June 15, 2026 5:50pm - 6:15pm IST
At Motorola Solutions, downtime isn’t just an inconvenience—it’s a public safety risk where lives are at stake. This session explores how we revolutionized incident response for mission-critical applications by moving beyond fragmented tools and alert fatigue. Historically, siloed data across Kubernetes and Grafana led to 45-minute MTTRs and manual context-switching.

We will detail our adoption of the Model Context Protocol (MCP), specifically utilizing Red Hat Kubernetes and Grafana MCP servers to build an AI-assisted operations layer. Learn how this unified context allows an AI agent to correlate metrics with cluster states in seconds, reducing MTTR to under 4 minutes while sustaining 99.99% uptime.

We'll share our production architecture for natural language incident resolution and our "human-in-the-loop" approach that ensures SREs remain in control of all write operations. Attendees will leave with practical guidance on scaling reliability in regulated environments and empowering junior engineers with senior-level operational context. Discover how to turn fragmented data into a mission-critical intelligence amplifier.
Speakers
avatar for Rishi Nikhilesh Damerla

Rishi Nikhilesh Damerla

Manager, Software Engineering, Motorola Solutions
Dynamic Engineering Manager leading CPS Observability teams at Motorola Solutions, specializing in Prometheus, Grafana, Elastic Stack, Kubernetes (GKE/OpenShift/Native), and AI/ML integrations (Vertex AI, Agentic AI workflows). Drives unified observability, SRE excellence, and platform... Read More →
avatar for Sayantan Karmakar

Sayantan Karmakar

Platform Devops Engineer 2, Motorola Solutions
I’m a Platform DevOps Engineer with 8+ years of experience specializing in open-source platforms, cloud-native technologies, and GitOps practices. I’m a Golden Kubestronaut, Red Hat, AWS, Terraform and OCI certified, with hands-on expertise in multiple Cloud Native tools. I’m... Read More →
Monday June 15, 2026 5:50pm - 6:15pm IST
Lotus 3 (Level 3)
  Agent Architecture + Orchestration
  • Audience Experience Level Any
  • Session Slides Yes
 
  • Filter By Date
  • Filter By Venue
  • Filter By Type
  • Audience Experience Level
  • Session Slides
  • Timezone

Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.