保障人工智能代理生态系统安全：大规模MCP服务器和代理安全.pdf

1、 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.I S V 3 2 5Securing AI Agent EcosystemsMCP Server and Agent Security at ScaleAmit AroraPrincipal Solutions Architect AI/MLAmazon Web ServicesArjun SambamoorthySenior

2、 Director,EngineeringCisco 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.The Evolution of AIRapidly increasing autonomy and capabilities Retrieval Augmented Generation(RAG)Enhanced accuracy&context via external knowledge.Agentic AIAutonomously execution of complex,multi-step tas

3、ks.Simple ChatbotsDirect responses,basic assistance2 0 2 32 0 2 42 0 2 5+2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.The AI Security ChallengeAgentic AI riskMulti-agent systems have massive potential,but also greater risks:Access to sensitive dataAutonomous decision-makingComp

4、lex,autonomous interactions between users,agents,and toolsTwo main categoriesSupply ChainRuntimeAgentUserAgentAgentMCP ServerMCP ServerMCP ServerWeb SearchSaaS APIsRAGSaaS APIsFilesTools 2025 Cisco and/or its affiliates.All rights reserved.MCP Supply ChainCompromisedMCP ServersTool PoisoningShadowMC

5、P ServersMalicious CodeData ExfiltrationArbitrary Code ExecutionImpactAttack TechniquesSupply Chain Risks 2025 Cisco and/or its affiliates.All rights reserved.MCP Supply Chain Tool Poisoning 2025 Cisco and/or its affiliates.All rights reserved.Secure MCP Supply ChainTrusted MCP RegistryTool Analysis

6、TrustedMCP ServersCode AnalysisPrivileged Access ManagementSafeguardsMinimize RisksSandbox Environment 2025 Cisco and/or its affiliates.All rights reserved.Cisco MCP&Agent ScannerMCP ScannerA2A ScannerCisco Verified MCP ServerRisk&Reputation ScoreTool AnalysisBehavioral Code AnalysisCisco Verified A