MCP Enterprise Security: A Practical Architecture and Lessons to Avoid Being Pwned
Practical security architecture for MCP in enterprise environments and lessons learned to avoid being compromised. With Alfonso Muñoz
I’ve traveled half the world giving talks. Many talks.
About cybersecurity. About hacking. About development. About APIs. About Docker. About whatever’s needed.
Plus, I founded Navaja Negra and the OWASP Madrid chapter, two of the most active cybersecurity communities in Spain. So I’ve seen quite a few good talks. And some not so good.
I’m passionate about sharing knowledge. And I love it when people leave one of my talks saying “wow, I can apply this tomorrow at work”.
Here are some of my most notable talks.
Practical security architecture for MCP in enterprise environments and lessons learned to avoid being compromised. With Alfonso Muñoz
Security in Model Context Protocol (MCP): how design and implementation errors can compromise your infrastructure. With Alfonso Muñoz
Unconventional ways to exploit databases: beyond deleting data or stealing information
Real AWS Lambda examples. Good, bad and terrible practices. With César Gallego
Techniques to protect Python code: from basic methods to creating custom Python interpreters
Techniques to protect Python source code when publishing it: from the simplest to compiling your own Python interpreter
Everything I've learned using Python Asyncio in production processing millions of events per day: the good, the bad and the ugly
How to distribute application security responsibility across the entire organization, beyond the security team
Technical talk at the first OWASP Madrid chapter meetup about web application security
How DevOps are creating new attack vectors and vulnerabilities that security auditors have to fix