AI model providers and the Model Context Protocol (MCP) are being adopted at an unprecedented pace. As these AI tools become deeply integrated into business operations and open up new opportunities for productivity, security must not be an afterthought. MCP and AI model providers enable seamless communication between AI agents, tools, and models, but this convenience carries significant security risk. An MCP client can hand sensitive context to unverified servers, creating data leaks, malicious agent chaining, and supply chain attacks, often without consistent logging or enforcement along the way.
Microsoft Defender is expanding its capabilities to protect MCP use across the enterprise. Building on recent enhancements in Microsoft Defender for Cloud, which now provides visibility into containers running MCP servers across AWS, GCP, and Azure, we're adding support in Microsoft Defender for Cloud Apps to help security teams discover, manage, and protect not only generative AI apps, but also AI model providers and MCP servers. As AI tools spread, so does shadow AI: unauthorized or unmanaged use of AI tools that bypasses IT and security controls.
MCP servers and AI model providers explained
MCP servers take productivity a step further by letting AI operate on real-time context. As intermediaries, MCP servers connect models to live enterprise data and applications, standardizing the interaction and removing silos between tools, systems, and information. This unlocks the full potential of AI: not just generating insights, but acting autonomously, adapting to business conditions, and streamlining operations, increasingly without a human in the loop. That same autonomy is why governance matters: a server that can read and act on live data on the model's behalf can also leak or misuse it.
SaaS-based AI model providers are services that deliver sophisticated AI capabilities through simple APIs, allowing companies to integrate intelligence without massive infrastructure investments or specialized machine learning expertise.
However, as productivity tooling evolves, unauthorized or unmanaged use of AI tools that bypasses IT and security controls evolves with it. Software engineering teams can easily point their AI code assistant at an unsanctioned AI model provider or MCP server with a few lines of local configuration. These integrations can inadvertently expose sensitive information, violate compliance policies, or introduce threats such as tool shadowing and prompt injection. As AI becomes deeply embedded across the enterprise, visibility and governance must keep pace so that security is never compromised.
Figure 1: MCP and AI model providers being used in ‘Cline’ an AI code assistant.
How Microsoft Defender secures the use of AI model providers and MCP servers
Based on an extensive survey of large enterprise customers, we understand that the first step to securing AI use is gaining visibility into which of these services are in use across the organization. The cloud app catalog already provides a comprehensive list of over 35,000 discoverable cloud apps. It is used to analyze traffic logs, gain visibility into cloud use, and assess the risk posture of the apps found, so that security and compliance can be managed effectively. The catalog includes detailed risk parameters for each app, such as data handling practices, authentication methods, and integration scopes. Starting today, the catalog also includes AI model providers and MCP servers, enabling security teams to see which ones are in use, assess usage patterns, and understand the risk posture of each.
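To make the discovery step concrete, here is an added example of the kind of triage the catalog enables: it matches proxy log lines against a catalog excerpt that uses the two new categories and separates sanctioned from unsanctioned AI traffic per user. This is illustrative code written for this page, not Defender for Cloud Apps' own logic; the catalog entries, the hostnames ending in `.test` and `.example`, the log format and the log lines are all constructed.

```python
"""Triage proxy logs for AI model provider and MCP server traffic.

Added illustration, not Defender for Cloud Apps code. The catalog excerpt,
the log format and every log line below are constructed for the example.
"""
import re
from collections import defaultdict

# Hypothetical catalog excerpt. A real catalog entry carries far more risk
# parameters (data handling, authentication, integration scopes, ...); here
# only the category and whether the app is sanctioned are modelled.
CATALOG = {
    "api.openai.com":        {"category": "AI - Model Provider", "sanctioned": True},
    "api.example-llm.test":  {"category": "AI - Model Provider", "sanctioned": False},
    "mcp.corp.example":      {"category": "AI - MCP Server",     "sanctioned": True},
    "mcp.random-tools.test": {"category": "AI - MCP Server",     "sanctioned": False},
}

# Constructed proxy log lines: timestamp user dst_host method path bytes_out
SAMPLE_LOG = """\
2025-09-01T10:01:02Z alice api.openai.com POST /v1/chat/completions 5120
2025-09-01T10:02:10Z bob api.example-llm.test POST /v1/messages 204800
2025-09-01T10:03:15Z bob mcp.random-tools.test POST /mcp 3072
2025-09-01T10:04:00Z carol mcp.corp.example POST /mcp 1024
2025-09-01T10:05:30Z dave www.example.com GET / 512
this line is malformed and must be skipped
2025-09-01T10:06:45Z bob api.example-llm.test POST /v1/messages 102400
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<user>\S+) (?P<host>\S+) (?P<method>[A-Z]+) "
    r"(?P<path>\S+) (?P<bytes_out>\d+)$"
)


def parse_log(text):
    """Parse log lines into dicts; malformed lines are skipped, not fatal."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        entry = m.groupdict()
        entry["bytes_out"] = int(entry["bytes_out"])
        entries.append(entry)
    return entries


def classify(host):
    """Return (category, sanctioned) for a catalog host or subdomain, else (None, None)."""
    host = host.lower().rstrip(".")
    for cat_host, meta in CATALOG.items():
        if host == cat_host or host.endswith("." + cat_host):
            return meta["category"], meta["sanctioned"]
    return None, None


def triage(text):
    """Bucket AI traffic by sanction status and total bytes sent to unsanctioned apps."""
    report = {"sanctioned": [], "unsanctioned": [], "uncategorized": []}
    bytes_by_user = defaultdict(int)
    for e in parse_log(text):
        category, sanctioned = classify(e["host"])
        if category is None:
            # Not an AI app in the catalog excerpt; a real catalog would categorize it.
            report["uncategorized"].append(e["host"])
            continue
        bucket = "sanctioned" if sanctioned else "unsanctioned"
        report[bucket].append((e["user"], e["host"], category))
        if not sanctioned:
            # Bytes sent out to an unsanctioned model provider or MCP server is
            # the first proxy for how much data may have left the organization.
            bytes_by_user[e["user"]] += e["bytes_out"]
    report["unsanctioned_bytes_by_user"] = dict(bytes_by_user)
    return report


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for user, host, category in result["unsanctioned"]:
        print(f"UNSANCTIONED {category}: {user} -> {host}")
    print("bytes out to unsanctioned AI apps:", result["unsanctioned_bytes_by_user"])
```

The subdomain match in `classify` is deliberate: model providers and MCP servers are commonly reached through regional or tenant-specific hostnames under the catalogued domain, so an exact-host match would miss them. Byte counts to unsanctioned destinations are what turn a list of hits into something an analyst can prioritize.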
Beyond the expanded catalog, we plan to add further security insights for AI model providers and MCP servers, shaped by customer feedback, to help reduce the risks these services introduce.
Figure 2: AI - Model Provider and AI - MCP Server categories in the cloud app catalog
Furthermore, if you host your own MCP servers, AI Security Posture Management (AI-SPM) in Defender for Cloud can help you discover all MCP servers hosted across your multi-cloud environments, identify misconfigurations and vulnerabilities in the AI applications and agents that use them, and prioritize remediation based on attack path analysis.
Microsoft Defender now helps you discover, monitor, and govern the use of AI model providers and MCP servers, giving you visibility, control, and protection against shadow AI risks through automated policies and real-time enforcement.
Learn more
- How to use Microsoft Defender for Cloud Apps to stay safe in the Gen AI era
- Check out our website to learn more about Defender for Cloud Apps
- Not a customer, yet? Start a free trial today
- Visit our Cloud App Catalog documentation
- Learn more about AI Security Posture Management (AI-SPM)