👋🏼 Hi, I’m Allie! Realized I haven’t introduced myself on this platform. After leading security at a startup from founding to acquisition I’m now a vCISO for startups. Reach out to me for help with - SOC2 - creating a custom security roadmap for your business - AI security

NYC @insecureagents live recording with @samuel_colvin @leonardtang_ @ProulxKerem @ianlivingstone after @aiDotEngineer CODE Summit cc @vtahowe @swyx @ai_pensar @haizelabs @pydantic @KeycardLabs

Big day ahead at @aiDotEngineer Code Excited to discuss MCP, coding agents, and how AI Engineers are approaching AI Security Great to see some fellow AI Security friends @joshdevonai @bcrussett

and to give credit where credit is due I stole this graphic from

Reminder that MCP isn't the only agent protocol out there Likely the most popular and controversial since it's one of the few general purpose protocols Excited to touch on this during the debate

We’re flattered 😊 Going for an A++ on this MCP debate we’ll record and publish as an episode

Huge opportunity 👀

The MCP Debate is going down this Thursday at 2:30pm @aiDotEngineer CODE @dexhorthy challenges MCP, @ianlivingstone defends Is MCP > a bad protocol > rotting the context window > really the best way to do tool calls Find out Thursday!

Chinese Models! Preview of the Great MCP Debate - Agents Hour, Nov 17th

Often times security is just a scoping issue >Do you really need every tool an MCP server comes with? >Do you even need an MCP server? >Do you need that amount of non determinism that comes with an agent or can you use an LLM workflow More capabilities, more problems

Prepping for the great MCP debate In Anthropic's 2024 blog post announcing MCP they said, "[MCP's] aim is to help frontier models produce better, more relevant responses" first potential debate question, sooo how is that going :)

Giant doge at the cowork today. I’m told paw on the foot means he likes you 🥰

After doing compliance for AI startups for a year I'm starting to wonder if point in time audits hold any real value LLMs change as you interact with them, MCP servers change tools without your approval Real time technical controls and continuous compliance are better

As of right now we’ve got a solid 1v1 debate lined up I’ve got some ideas for how I could expand this and include more guests in the debate but I’d need more MCP defenders If you’re interested in defending MCP reply here or DM me

Excited to host this AIE Code side event. Hope you can join us! Luma link in this tweet or find it on the @aiDotEngineer CODE website

It’s always easier to be jaded or skeptical Harder to say this doesn’t work quite right but I’m interested in fixing it

ok one of the things that i've always wanted an AIE is coming to pass, after the Great @dylan522p v @jefrankle debate of 2024: the Great MCP debate! @vtahowe and @ianlivingstone are taking on all challengers - if you are a knowledgeable MCP skeptic, come do a live debate next

For anyone that would like to see my face more closely I’m doing two live podcasts at AIE Code next week 1. MCP debate at the conference 2. Panel convo with security leaders as an evening side event on Thursday Both of these will be very high signal, clear view of my face 😄

Some say MCP is >obsolete >a security nightmare >creates unnecessary abstraction Others say MCP provides >standardization >a security boundary at the network layer >federated data integration Which is it? Time to host a debate, live at @aidotengineer CODE next week!

I do think sandboxes have the potential to make some MCP use cases obsolete I can’t quote two tweets at once but I liked @masonwilliams post from yesterday saying “the primary benefit of the MCP protocol is to give agents a way to interact with 3rd party tools in a way where the

(and build B2B SaaS of course)