
Lasso Releases Open Source Security Gateway for MCP

April 2025 by LA REDACTION DE GS MAG

Lasso announced the launch of its open source MCP Gateway, the first security-centric solution for Model Context Protocol (MCP) designed specifically with agentic workflow development in mind. MCP Gateway accelerates secure, enterprise-grade adoption of MCP across the growing GenAI ecosystem, and is available as part of Lasso’s GenAI security platform, on GitHub and on other major open source platforms.

Since its launch by Anthropic in November 2024, MCP has rapidly emerged as the de facto standard for connecting GenAI models with external tools and data sources. With thousands of developers contributing to the MCP ecosystem and a growing community on GitHub (e.g. Awesome MCP Servers with over 37K stars), Lasso offers foundational security tooling at this pivotal moment.

MCP simplifies AI-to-tool integrations across agentic workflows, enabling developers to build powerful LLM agents faster than ever. Despite this momentum, security and visibility have remained a major blind spot. Lasso MCP Gateway acts as a proxy and orchestrator for all MCP interactions, embedding critical security, governance, and monitoring capabilities while maintaining full compatibility with existing agent implementations.

Key Capabilities

Agnostic Guardrails
• Applies configurable security filters to both requests and responses
• Prevents sensitive data exposure before information reaches agents
• Works consistently across all connected MCPs regardless of their native capabilities

Advanced Tracking
• Provides usage analytics and pattern identification for optimization

Unified Visibility
• Provides a comprehensive dashboard for all MCPs in a single interface

Enterprise Readiness
• Empowers the community to add key enterprise features to MCP

Watch MCP Gateway demo video: https://youtu.be/fNWFSoUJd18

With the rapid rise of agentic workflows, organizations face a wide range of risks, including:
• Sensitive Data Exposure
If outputs are not properly sanitized, tools can unintentionally leak secrets, credentials, or internal model states.
• Prompt Injection
Hidden instructions embedded in tool descriptions or parameter hints, which the model unknowingly executes at runtime.
• Command Injection / Remote Code Execution
Unvalidated inputs passed to shell commands or system calls can result in immediate remote code execution (RCE).
• Lack of Logging and Monitoring
Without visibility into tool usage or model-tool interactions, detection and investigation of misuse become nearly impossible.

Lasso MCP Gateway directly mitigates these vulnerabilities, allowing teams to define policies, monitor security risks in real-time, block attacks before they happen, and enable the open source community to prepare enterprise readiness for MCP adoption.
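To make the response-side guardrail idea concrete, here is an added example (not Lasso's code, and not taken from the MCP Gateway project) of a filter that redacts secrets from an MCP tool result before it reaches the agent and returns findings for logging. It assumes the JSON-RPC `tools/call` result shape with a `content` list of text items; the function names, the regex rules and the sample message are constructed for illustration.

```python
import json
import re

# Illustrative rules only (assumption): a real filter needs a maintained rule set.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(
        r"-----BEGIN [A-Z ]*PRIVATE KEY-----.*?-----END [A-Z ]*PRIVATE KEY-----",
        re.DOTALL),
    "bearer_token": re.compile(r"(?i)\bbearer\s+[A-Za-z0-9._~+/-]{20,}=*"),
    "password_assignment": re.compile(r"(?i)\b(?:password|passwd|pwd)\s*[=:]\s*\S+"),
}


def redact_text(text):
    """Return (redacted_text, sorted list of rule names that matched)."""
    hits = set()
    for name, pattern in SECRET_PATTERNS.items():
        text, count = pattern.subn(f"[REDACTED:{name}]", text)
        if count:
            hits.add(name)
    return text, sorted(hits)


def filter_tool_response(raw_message):
    """Redact secrets in a tools/call response; return (json_string, findings)."""
    message = json.loads(raw_message)
    findings = []  # one entry per (content item, rule) pair, suitable for an audit log
    result = message.get("result")
    if isinstance(result, dict):
        for index, item in enumerate(result.get("content", [])):
            # Only text items are inspected; other content types pass through unchanged.
            if isinstance(item, dict) and item.get("type") == "text":
                item["text"], hits = redact_text(item.get("text", ""))
                findings += [{"content_index": index, "rule": h} for h in hits]
    return json.dumps(message), findings


# Constructed sample: a tool result that echoes a config file (fake values).
SAMPLE_RESPONSE = json.dumps({
    "jsonrpc": "2.0", "id": 7,
    "result": {"isError": False, "content": [
        {"type": "text", "text": "region=eu-west-1\nkey=AKIAABCDEFGHIJKLMNOP\npassword: hunter2"},
        {"type": "text", "text": "3 files listed"},
    ]},
})

if __name__ == "__main__":
    print(*filter_tool_response(SAMPLE_RESPONSE), sep="\n")
```

Because the filter runs on the proxied message rather than inside any one tool, the same rules apply to every connected MCP server, and the findings list gives the logging side something to record even when the redaction succeeds.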

