• About
  • Subscribe
  • Contact
Tuesday, May 13, 2025
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
No Result
View All Result
Home Technology Big Data, Analytics & Intelligence

Tenable shows how prompt injection can secure the MCP

FutureCIO Editors by FutureCIO Editors
May 13, 2025
Photo by Sora Shimazaki: https://www.pexels.com/photo/crop-focused-hacker-in-hood-using-laptop-5926386/

Photo by Sora Shimazaki: https://www.pexels.com/photo/crop-focused-hacker-in-hood-using-laptop-5926386/

Tenable Research has demonstrated how to audit, log, and even firewall Large Language Model (LLM) tool calls running over Model Context Protocol (MCP) through strategies that resemble prompt injection.

MCP

MCP, a new standard from Anthropic, allows AI chatbots to connect to external tools and complete tasks autonomously. But as adoption grows, so do security concerns.

Ben Smith
Ben Smith

“MCP tools are easy to develop and plentiful, but they do not embody the principles of security by design and should be handled with care. So, while these new techniques are useful for building powerful tools, those same methods can be repurposed for nefarious means,” Ben Smith, senior staff research engineer at Tenable.

Prompt injection

“Prompt Injection remains one of the key risks. Smith wrote in a blog that it is a weakness in LLMs that can be used to elicit unintended behaviour, circumvent safeguards and produce potentially malicious responses. Prompt injection occurs when an attacker instructs the LLM to disregard other rules and do the attacker’s bidding.”  

Key research highlights

The research found that cross-model behaviour varies: “These methods rely on LLM prompting via the description and return values of the MCP tools themselves. Since LLMs are non-deterministic, so are the results. Lots of things could affect the results here: the model in use, temperature and safety settings, specific language, etc,” Smith explained.

It also found that the mechanisms used to exploit can help audit toolchains, detect malicious or unknown tools, and build guardrails inside MCP hosts.

Further, Smith urged that tools should require explicit approval before running in most MCP Host applications.

Related:  Tech advancements drive Social Media Management Software Market growth
Tags: Artificial Intelligencelarge language modelsLLM promptingModel Context ProtocolPrompt InjectionTenable
FutureCIO Editors

FutureCIO Editors

No Result
View All Result

Recent Posts

  • Tenable shows how prompt injection can secure the MCP
  • Build an alliance with your CIO
  • Supply chain management solutions company Tecsys expands footprint in APAC
  • VFS Global partners with SAP to transform digital cross-border mobility
  • Cloud leaders map APAC's digital future at regional summit

Live Poll

Categories

  • Big Data, Analytics & Intelligence
  • Business Applications & Databases
  • Business-IT Alignment
  • Careers
  • Case Studies
  • CISO
  • CISO strategies
  • Cloud, Virtualization, Operating Environments and Middleware
  • Computer, Storage, Networks, Connectivity
  • Corporate Social Responsibility
  • Customer Experience / Engagement
  • Cyber risk management
  • Cyberattacks and data breaches
  • Cybersecurity careers
  • Cybersecurity operations
  • Education
  • Education
  • Finance
  • Finance & Insurance
  • FutureCISO
  • General
  • Governance, Risk and Compliance
  • Government and Public Services
  • Growth Strategies
  • Hospitality & Tourism
  • HR, education and Training
  • Industry Verticals
  • Infrastructure & Platforms
  • Insider threats
  • Latest Stories
  • Logistics & Transportation
  • Management Leadership
  • Manufacturing
  • Media and Telecommunications
  • News Stories
  • Operations
  • Opinion
  • Opinions
  • People
  • Process
  • Remote work
  • Retail & Wholesale
  • Sales & Marketing
  • Security
  • Tactics and Strategies
  • Technology
  • Utilities
  • Videos
  • Vulnerabilities and threats
  • White Papers

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
Login

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Subscribe