Navjot Singh
Navjot Singh is a Cloud Security Associate Architect at Thomson Reuters with 7 years of information security experience in cloud security and AI/ML. He specializes in AI/ML security reviews, cloud security architecture and governance, and cyber due diligence for mergers and acquisitions. Previously, at Deloitte Risk Advisory, he worked with major retail and government clients to design and secure cloud-native environments and critical workloads, and built a vulnerability management program.
Navjot holds a Master of Applied Science in Electrical and Computer Engineering from the University of Ottawa and a Bachelor of Technology in Computer Science. He is multi-cloud certified (AWS, Azure, GCP).
Session
The Model Context Protocol (MCP) unlocks powerful tool use for LLMs, but it also widens the blast radius: arbitrary tool calls, untrusted context, and exfiltration-prone plugins. This talk introduces a Zero-Trust MCP Server Gateway that sits between LLM agents and MCP tools to enforce policy, isolate risk, and add observability. We'll cover identity for agents and tools, per-tool allow/deny lists, schema validation, and least-privilege scopes. We'll map MCP server security controls to AI risks (prompt injection, sensitive information disclosure, insecure tool use). Attendees leave with a reference architecture for secure MCP server deployment.