Accelerating AI Security: How Cisco and AWS Tackle the Challenges of MCP and A2A Integration
Accelerating AI Security: How Cisco and AWS are Addressing Key Challenges in MCP Adoption
Since the introduction of the Model Context Protocol (MCP) in November 2024, enterprises have rapidly embraced this technology, deploying vast networks of MCP servers to extend the capabilities of AI agents by connecting them to external data sources and APIs. By April 2025, the release of the Agent-to-Agent (A2A) Protocol allowed these autonomous agents to communicate directly with each other, eliminating the need for human intervention. More recently, new Agent Skills have emerged across enterprises, further driving this growth.
However, this burst of innovation has created significant security gaps. As organizations scale their AI capabilities, they encounter three key challenges: a lack of visibility into deployed tools and agents, manual security reviews that can’t keep pace with deployment speeds, and missing compliance frameworks leading to untraceable audit trails for autonomous AI agents.
Identifying the Risks
The proliferation of unvetted MCP servers, A2A agents, and Skills brings several risks:
- Inadvertent Access to Sensitive Data: Uncontrolled access may lead to breaches of sensitive systems.
- Compliance Violations: Regulatory frameworks such as SOX and GDPR can be violated, resulting in hefty penalties.
- Operational Disruptions: The discovery of vulnerable tools or malicious agents after deployment can significantly disrupt operations.
Security teams often struggle with manual review processes that can extend AI application deployment timelines by several weeks, leading to backlogs that continue to grow as AI adoption accelerates. Audit failures due to insufficient tracking expose organizations to regulatory scrutiny that compliance teams find hard to manage.
Addressing the Challenges: Cisco and AWS Partnership
The recent collaboration between Cisco and AWS addresses these enterprise challenges head-on. Through the AI Registry, an open-source project backed by AWS and integrated with Cisco AI Defense, organizations can leverage automated security scanning and unified governance for their AI systems.
Tool Sprawl and Visibility
The ad-hoc deployment of MCP servers and AI agents complicates security oversight. Without a centralized system, organizations lose track of available tools and agents and their respective security risks. The AI Registry resolves this by allowing unified registration and discovery, giving organizations complete visibility into every deployed MCP server, AI agent, and Skill.
Automated Security at Scale
Manual reviews are often inadequate when it comes to assessing third-party MCP servers and A2A agents that may have inherent vulnerabilities. With AWS’s AI Registry, when new servers or agents are added, they undergo automatic security scanning before gaining access to the enterprise’s infrastructure. The system generates detailed security reports, marking problematic components as disabled until they receive administrator review.
As Akshay Bhargava, VP of AI Product at Cisco, states, “Security is a foundational requirement for enterprise AI adoption.”
Tackling Compliance and Security Review Bottlenecks
Traditionally, security reviews can create delays in deploying new AI agents. The partnership enables automated scanning with human reviews only as necessary, allowing for quicker onboarding of new MCP servers, agents, and Skills. This transition from a slow manual process to a streamlined automated one significantly reduces bottlenecks.
As Mahdi Sajjadpour, Director for Solution Architecture at AWS, mentions, “This partnership demonstrates how open collaboration accelerates enterprise innovation.”
Implementation: Unified Security Across MCP and A2A Protocols
The AI Registry effectively serves as a central control plane for discovering and securing AI assets. Each registered MCP server and agent undergoes rigorous security scanning, including:
- YARA Analyzer: Fast detection of known threats such as SQL injections.
- LLM Analyzer: AI-driven semantic analysis to identify complex threats.
- Cisco AI Defense Scanners: Advanced threat detection to support compliance with regulatory frameworks like SOX and GDPR.
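The scan-on-registration gate described under "Automated Security at Scale" and in the scanner list above can be pictured as follows. This is an added example, not code from the AI Registry or Cisco AI Defense: `RegistryEntry`, `register`, `approve`, the manifest shape and the single regex rule (standing in for a YARA rule) are all assumptions made for illustration.

```python
import re
from dataclasses import dataclass, field
# Constructed signature; a plain regex stands in for a YARA rule here.
RULES = {"sql_injection": re.compile(
    r"'\s*or\s+'?1'?\s*=\s*'?1|union\s+select|;\s*drop\s+table", re.I)}
# Constructed sample manifests (hypothetical shape, not the AI Registry schema).
CLEAN = {"tools": [{"name": "get_weather", "description": "Return a city forecast."}]}
FLAGGED = {"tools": [{"name": "lookup", "description": "Find a user.", "inputSchema":
                      {"properties": {"q": {"default": "x' OR '1'='1"}}}}]}
@dataclass
class RegistryEntry:                  # hypothetical record type
    name: str
    manifest: dict
    enabled: bool = False             # unreachable until a scan passes
    status: str = "unscanned"
    findings: list = field(default_factory=list)
    audit: list = field(default_factory=list)

def iter_strings(node, path="manifest"):
    """Yield (path, text) for every string nested anywhere in the manifest."""
    if isinstance(node, str):
        yield path, node
    children = node.items() if isinstance(node, dict) else \
        enumerate(node) if isinstance(node, list) else ()
    for key, value in children:
        yield from iter_strings(value, f"{path}[{key!r}]")

def scan(manifest):
    return [{"rule": name, "path": path}
            for path, text in iter_strings(manifest)
            for name, rx in RULES.items() if rx.search(text)]

def register(entry, scanner=scan):
    """Scan on registration: enable only when clean, fail closed on scanner error."""
    try:
        entry.findings = scanner(entry.manifest)
    except Exception as exc:          # a scanner failure is itself a finding
        entry.findings = [{"rule": "scan_error", "path": None, "detail": repr(exc)}]
    entry.enabled = not entry.findings
    entry.status = "active" if entry.enabled else "pending_review"
    entry.audit.append(("scanned", len(entry.findings)))
    return entry

def approve(entry, admin):
    """Administrator review is the only path from pending_review to enabled."""
    if entry.status != "pending_review":
        raise ValueError("only entries pending review can be approved")
    entry.enabled, entry.status = True, "active"
    entry.audit.append(("approved", admin))
```

The walk over every nested string matters because a flagged value can sit in a schema default rather than in the tool description, and the audit list gives each enable decision a traceable record.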
Integration and Downstream Workflow
The registry architecture supports open standards and APIs, enabling seamless integration with existing enterprise workflows. Automatic ticketing, real-time alerts, and reporting tools mean that organizations can maintain robust security oversight while maximizing operational efficiency.
Getting Started
For organizations looking to leverage these capabilities:
- AWS Customers: Deploy the AI Registry and integrate with Cisco AI Defense for security scanning within onboarding workflows.
- Cisco AI Defense Customers: Configure the MCP Scanner to target your organization’s registry and enhance existing security measures.
Conclusion
The partnership between Cisco and AWS highlights a comprehensive approach to overcoming significant challenges posed by rapid AI adoption. By automating security scanning and enforcing compliance, organizations can gain the visibility they need into their AI infrastructure while reducing risks associated with deploying new tools and agents.
Ready to enhance your AI security? Start by deploying the AI Registry and configuring the Cisco AI Defense scanner integration.
About the Authors
Amit Arora is a Principal AI and ML Specialist Architect at AWS, guiding enterprises in leveraging machine learning to drive innovation.
Arjun Sambamoorthy serves as Senior Director of AI Engineering at Cisco, bringing extensive cybersecurity experience to the AI Defense team.
Shweta Keshavanarayana is a Senior Customer Solutions Manager at AWS, dedicated to aiding customers in their cloud migration journeys.
By focusing on scalability and security, the collaboration between Cisco and AWS paves the way for responsible AI adoption across the enterprise landscape.