Detect tool poisoning early, block unsafe tool calls in real time, and prove governance—so enterprises can deploy agentic AI safely at scale.

Javelin, a Bay Area–based AI security company, today announced MCP Security, a defense-in-depth solution for the Model Context Protocol (MCP)—the connective tissue between AI assistants, tools, and enterprise data. The release combines Javelin Ramparts, an MCP scanner, with Javelin MCP Runtime Guardrails for real-time policy enforcement at the tool and data boundary.

As enterprises accelerate agentic AI, adversaries are shifting to agent hijacking and indirect prompt injection—malicious instructions hidden in business content or third-party data that drive unintended actions. Recent demonstrations show poisoned content can trigger real-world outcomes, underscoring the need for runtime guardrails.

“Waiting for an incident to prove the need for agent security is not a strategy; it’s a cost center that erodes trust and brand equity,” said Sharath Rajasekar, CEO and Co-founder of Javelin. “MCP Security brings shift-left scanning and runtime policy to the exact moment agents connect to tools and data—closing the most vulnerable paths: supply chain, prompt injection, and unsafe tool calls—without slowing teams down.”

Why Now

Rapid adoption: MCP is emerging as the standard interface connecting assistants to apps and data, with one-click installs fueling growth.

Evolving threats: Agent hijacking and semantic prompt injections bypass naïve guardrails as agents act on the world. IBM reports 97% of AI-related security incidents lacked proper access controls, and 63% lacked formal governance.

Material business impact: Mature AI controls reduce breach costs and speed recovery while preserving innovation velocity.

What’s in the Launch

Javelin Ramparts: Pre-deployment MCP risk assessment that scans servers and tool manifests for supply-chain and poisoning risks. Produces prioritized, audit-ready findings (mapped to OWASP/MITRE) and integrates with runtime guardrails.

MCP Runtime Guardrails: Real-time policy enforcement at the MCP boundary. Allow, block, or require review as agents access tools or data—protecting live data flows without slowing teams. Provides standardized, audit-ready evidence across the AI landscape.

Enterprise Value

Together, Javelin Ramparts and Runtime MCP Guardrails deliver a defense‑in‑depth layer for agentic systems and AI‑enabled applications—connecting assessment, policy, enforcement, and monitoring end‑to‑end.

Reduce risk & cost: Block high-impact abuse paths and strengthen AI governance.

Accelerate rollout: Ramparts catches risks pre-deployment; guardrails contain live threats while preserving uptime.

Prove compliance: Generate audit-ready evidence mapped to standard frameworks for boards, regulators, and customers.

Learn more: Visit getjavelin.com or contact sales@getjavelin.com.

About Javelin

Javelin is a venture-backed, research-driven AI security company headquartered in the San Francisco Bay Area. We safeguard every layer of modern enterprise AI—across foundation models, applications, and autonomous agents—so enterprises can scale AI safely, responsibly, and in full compliance.

View source version on businesswire.com: https://www.businesswire.com/news/home/20250819727553/en/

MCP Security brings shift‑left scanning and runtime policy to the exact moment agents connect to tools and data, closing the most vulnerable paths - without slowing teams down. Javelin delivers end-to-end Agentic protection enterprises can trust.