Salt Security extends MCP threat protection to AWS WAF

Salt Security extended its Application Programming Interface (API) behavioral threat protection to detect and block malicious intent directed at Model Context Protocol (MCP) servers deployed within the AWS ecosystem. The change addressed what the company identified in the release as a new threat vector related to MCP infrastructure.

MCP servers have rapidly become a key component of enterprise Artificial Intelligence (AI) architecture, enabling LLMs and autonomous agents to call APIs, execute tools, and complete workflows. The release said MCP deployments were often implemented without central oversight, exposed to the internet, and increasingly targeted by adversaries for unauthorized access to critical data and system access.

The capability combined Salt's MCP Finder technology with AWS Web Application Firewall (WAF). MCP Finder provided visibility across external, internal, and shadow MCP deployments, and Salt fed real-time behavioral threat data into AWS WAF to route traffic for inspection and to allow automatic blocking. The company described the approach as applying intent-based Behavioral Threat Detection (BTD) to stop attacks that traditional tools miss.

Salt said the integration enabled identification of external misuse and abuse of MCP servers by AI agents and attackers and allowed those threats to be blocked through existing AWS WAF deployments. The release stated the integration was available as part of the Salt Security API Protection Platform and that Salt Security was showcasing the capabilities at AWS re:Invent 2025.

“Most organizations don't even know how many MCP servers they have, let alone which ones are exposed or being abused,” said Nick Rago, VP of Product Strategy at Salt Security.

The release also described that protections would be continuously updated based on evolving attacker tactics.