Back
AI has evolved faster than any technology in modern history. What began as systems that provided information—chatbots, copilots, and assistants—quickly advanced into systems that access information. Today, AI is crossing a critical threshold: agents are now accessing data from enterprise data sources, manipulating information, interacting with applications, making decisions, and taking autonomous actions.
We’ve entered the era of agentic AI, and we need to secure it accordingly.
From assistants to autonomous agents
Generative AI’s initial value was in knowledge synthesis. But organizations quickly learned that true impact isn’t achieved by only answering questions, but instead from executing tasks, automating workflows, and seamlessly connecting AI into business systems.
This kind of shift requires giving AI real-time access to data and the ability to interact with necessary tools and applications. Machine-to-machine communication will also become especially important as agentic AI becomes more prevalent. Instead of humans talking to AI, we’re witnessing AI-to-AI, AI-to-app, and AI-to-database interactions at scale.
According to the Netskope’s Cloud and Threat Report: Shadow AI & Agentic AI 2025, enterprise use of AI agents is growing. For example, the report notes that GitHub Copilot is used in 39% of organizations observed by Netskope. For organizations using Amazon Bedrock, 14% are already using it specifically to build, deploy, or invoke AI agents. A PWC survey of 1,000 U.S. business leaders in early 2025 also found that 79% of organizations report at least some level of AI agent adoption.
It’s clear that organizations are no longer just using AI. They are orchestrating workflows through agents. Platforms like AWS Bedrock and Quick Suite make it easier than ever to create, configure, and deploy agents—assembling workflows, data connections, and specialized capabilities like Lego blocks. This means anyone can build an agent. Not just developers, but analysts, marketers—any end user. And they’re doing it at scale, often without IT knowledge.
With this in mind, security teams need to be prepared for securing AI agents, but that first means understanding how they communicate.
A new language for agents: Model Context Protocol (MCP)
To enable this new agentic world, a new communication standard has emerged: Model Context Protocol (MCP). MCP is becoming the language of tool and agent communication, allowing AI systems to request data, execute actions, and coordinate tasks in real time.
MCP:
- Standardizes how agents access tools, databases, SaaS systems, and custom services for extracting data as context for LLMs to take actions
- Enables agents to act autonomously without fragile API stitching
- Promotes modular, configurable AI systems that can be swapped, governed, or scaled
It’s a powerful technology, but with that power comes risk. For example, agents can unknowingly retrieve, share, or manipulate sensitive data. AI-to-AI communication may also bypass traditional access controls. Additionally, there is no native policy layer for MCP traffic, meaning no visibility, no governance, and no enforcement for security teams. Similarly, misconfigured agents can also trigger unintended actions, such as data movement, code execution, and system changes.
Just as securing HTTP was essential for the internet to scale, securing MCP is essential for agentic AI to become trusted, enterprise-ready, and safe. That’s where Netskope comes in.
How Netskope secures agentic AI communication and MCP
Netskope is extending its industry-leading SSE capabilities to secure MCP, empowering organizations to safely adopt agentic AI at enterprise scale. These new platform enhancements, now available in preview, deliver the visibility, control, and governance required for secure AI operations.
With the Netskope One platform, organizations can identify and categorize MCP activity, with full visibility into MCP Server attributes such as, server name, URL, server version, client name, client version and protocol version. This level of transparency helps security teams understand which MCP Servers can be used and need governance across the enterprise. Additionally, organizations can prioritize risk intelligently, with MCP Server risk scoring, showing which MCP servers pose compliance or security risk, allowing security teams to prioritize the access control on the MCP Servers, MCP Clients, MCP tools and their communications that pose the highest business risk.
To enforce control and access, Netskope helps organizations apply granular context-based policy controls with options to alert on or block unauthorized MCP traffic. This provides real-time prevention of sensitive data loss and prevents unintended autonomous actions. At the same time, the ability to monitor MCP communications to enforce data governance and policy boundaries, further aids in identifying exposure of intellectual property, PII, credentials, or passwords.
Continuous monitoring and interaction analysis offer deep insights into how MCP servers, clients, and tools communicate and make decisions. By logging tool requests and responses, sessions, and deployments, Netskope delivers the auditability essential for proper AI governance.
By securing agentic communication, organizations can confidently deploy autonomous agents integrated with MCP Servers across departments, accelerating workflow automation while preserving control. This empowers enterprises to innovate with AI safely, ensuring that compliance, privacy, and governance are built into every interaction. The result is an AI ecosystem that is modular, governed, and ready to scale with your business.
The new battleground
The next wave of AI innovation isn’t about bigger models, it’s about how those models communicate. With those conversations happening over MCP, they must be secured.To learn more about how Netskope can help you secure AI across your organization, visit us at https://www.netskope.com/solutions/securing-ai and read our AI Security Playbook for guidance on tackling the AI security challenge. For existing customers, contact your Netskope account team to enable MCP security capabilities in preview.
Read the blog