Instrument your MCP server: audit, signing, and policy enforcement in half a day.

Most MCP setups in production have no audit trail, no policy enforcement, and no signed evidence of what the agent actually did. That's fine for prototypes — and it's exactly why security teams block these systems from going further.

This half-day workshop takes a working MCP setup and instruments it end-to-end: tamper-evident audit logs, Ed25519-signed receipts of every tool call, and a policy engine that blocks or allows at the proxy layer. You'll leave with a running pipeline you could demo to a security stakeholder on Monday.
We'll use agent-receipts (open-source, MIT) as the demo audit tool, but cover the alternatives — Pipelock, mcp-firewall — and discuss when each fits. The goal isn't to sell one tool; it's to give you a concrete, working starting point for the audit and policy conversation that's currently blocking your agentic features in production.


Take a working MCP setup and instrument it end-to-end in three and a half hours. We start from a running MCP server (provided), wrap it with an audit-and-policy proxy, and finish with tamper-evident, cryptographically signed records of every tool call plus a policy engine that can block, allow, or log based on YAML rules.
The workshop is hands-on throughout. You'll run the proxy sidecar, generate signing keys, watch receipts flow, write a policy that denies a specific tool call, and verify the audit chain to detect tampering. We use agent-receipts (open-source, MIT) as the spine because it cleanly separates audit from enforcement, but we'll discuss alternatives — Pipelock, mcp-firewall, the commercial gateways — and where each fits.
By the end you'll have a running, instrumented MCP pipeline on your laptop, plus a working vocabulary for the audit-and-policy conversation that's currently the bottleneck for agentic AI in many organisations. The session is appropriate for engineers who've used MCP before but haven't deployed it past prototype stage, and for security-adjacent engineers wanting hands-on exposure to what these systems actually look like.