Press
Press
Mar 12, 2026

SurePath AI Advances Real-Time Model Context Protocol (MCP) Policy Controls to Govern AI Actions

Table of contents
Table of contents link
Authors
Randy Birdsall
Randy Birdsall
CPO & Co-Founder

Denver, CO – March 12, 2026 – SurePath AI, the security and governance platform that governs any of the AI solutions that you build, adopt, or buy, today announced MCP Policy Controls, which provides real-time controls over what MCP servers and tools are allowed to be used. The new capability helps organizations adopt MCP safely with visibility and safeguards from day one.

“MCP has quickly evolved from a buzz-acronym to the backbone in next-gen AI-powered workflows,” said Randy Birdsall, CPO and Co-Founder, SurePath AI. “In fact, we are seeing the same pattern when ChatGPT first became available – rapid adoption, little oversight, and a surface-level understanding of risks. The reality is that MCP introduces an entirely new attack surface, one that many organizations are already exposing without realizing it, but blocking MCP is not practical. Instead, it needs to be managed securely, and that means moving beyond traditional firewall and IAM policies. Modern organizations need to put into place controls that are specific to how MCP operates. Only then can security teams confidently support AI adoption without hindering innovation.”

MCP is a direct line from generative AI clients to the systems that enable a business to operate. These lightweight MCP tools can run locally on a user’s laptop and are often launched silently by AI desktop apps like ChatGPT, Claude, and Cursor. They also link to internal tools, such as Google Drive, Salesforce, and AWS management APIs. This presents new security challenges – AI is now issuing real commands, authenticated as the end user.  While cloud-based MCPs offer some guardrails, they also increase surface area. For instance, multiple agents connected to a mix of local and remote MCP servers can create tangled pathways for data sprawl and lateral movement.

SurePath AI was purpose-built to solve these challenges by applying policy-based control over what MCP servers and tools are allowed to be used before anything is executed. As the only platform that is schema-aware enough to transform these requests, SurePath AI enforces an organization’s policies on exactly which MCP servers and tools are allowed by controlling local MCP hosts and their connections to local MCP servers. These policies can leverage built-in classifications of whether a tool is destructive or not, or be customized explicitly to each organization’s security requirements.

To mitigate risk on the remote side, SurePath AI maintains a catalog of known MCP servers and endpoints. All protected MCP traffic is routed through its platform, where access controls are applied in real time, even down to the specific tool. SurePath AI’s new capability also uncovers supply chain threats by detecting never-before-seen MCP tools that could impersonate other tools or attempt to exfiltrate data outside the approved security perimeter. 

Key features include:
  • MCP Tool Discovery: Discover MCP tools through monitoring MCP usage in AI tools across the workforce by intercepting MCP payloads and removing tools that are either blocked by policy or in violation of capability requirements, such as tools that are not read-only. When a tool violates policy, it is removed from the MCP payload before being sent to the backend service, which means that the service will not have access to leverage that tool.
  • MCP Tool Block List: Explicitly block specific MCP tools that have been discovered in the environment. Blocked tools are removed from MCP payloads before they reach backend services.
  • MCP Tool Allow List: Allow specific MCP tools that have been discovered in the environment. Allowed tools will always be included in MCP payloads.
  • Allow Read-Only: When enabled, automatically enables all read-only MCP tools without requiring them to be added to the Allow List, streamlining policy management for lower-risk tools.
  • Catch-All Action: Determine the default action taken for MCP tools that are not explicitly allowed or blocked, providing control over how the system handles tools that fall outside of the defined block and allow lists.
  • Auto-Discovery and Classification: Gain insights into MCP tools, like whether they are well-known or just built on someone's laptop

For more information or to get in touch with a member of our team, submit a request here.

Related articles

Insight
Insights
Feb 10, 2026

A perfect storm for enterprises: ungoverned OpenClaw

OpenClaw accelerates agentic AI adoption but also creates a new enterprise risk trifecta. Learn why governance, not blocking, is the only path forward.

Read more
Insight
Insights
Jan 29, 2026

8 MCP security risks every enterprise needs to know

The top security risks introduced by Model Context Protocol (MCP) and what enterprises need to put in place to govern MCP safely at scale.

Read more
Insight
Insights
Jan 6, 2026

Uninsured and ungoverned: how to get visibility over AI risks

Insurers are excluding AI from coverage, signaling real risk. Companies must govern AI use, gain visibility, and control MCP to stay protected.

Read more