Blog
Building AI Agents with MCP: Architecture, Security, and Enterprise Deployment

Author:
Willow
November 27, 2025

Building with AI agents? This is your essential guide to MCP, tools, and enterprise security.

Shalev Shalit (Co-Founder & CEO at Willow) delivers a comprehensive breakdown of how AI agents actually work, how MCP connects them to your tools, and what you need to know to deploy them safely at scale.

Recorded at AI Agents in Practice | NYC Edition, hosted at Wix Offices (November 24, 2024).

What You'll Learn

Understanding AI Agents

  • The real architecture: LLM + Context + Tools (not just ChatGPT)
  • How tool descriptions impact agent performance
  • Why token costs matter even for unused tools
  • Managing the "too many tools" problem (1000+ tool limits)

MCP Implementation Types

  • Local STDIO vs Remote HTTP – when to use each
  • API Keys vs OAuth authentication models
  • Current landscape: 96.9% local, 3.1% remote
  • Trade-offs and best practices for each approach

Security Essentials

  • Credential Leak: protecting API keys and tokens
  • Tool Poisoning: validating tool sources and descriptions
  • Prompt Injection: defending against external data attacks
  • Enterprise-grade security patterns

The Path Forward

Practical guidance on choosing Remote MCPs with OAuth for enterprise deployments, optimizing tool configurations, and building secure AI adoption infrastructure.

Watch the Full Talk
