Supercharging DevOps with MCP (Without Opening a Security Hole)

MCP lets LLMs trigger CI jobs, query Grafana, or debug from Sentry - right from your IDE. This talk shows how to build secure, powerful MCP workflows for DevOps, and what risks to watch as you plug LLMs into your stack without opening a security hole.

Model Context Protocol (MCP) is a powerful new way to extend LLMs with real-time access to tools, APIs, and infrastructure. It enables seamless workflows like querying Grafana dashboards, triggering CI/CD jobs, or fixing issues from Sentry all without leaving your IDE. In this talk, we’ll explore how MCP works, how to build your own MCP servers, and how to compose them to automate Ops tasks and boost productivity across your stack. But as we wire LLMs into our systems, security becomes a critical concern. Unrestricted use of MCP can open the door to various vectors of attack. We’ll cover main areas of concern as companies start adopt MCP tools - and discuss how to use them safely in production environments.