Agent Security
What controls belong around a production MCP server?

A production MCP server should have controls for identity, authentication, authorization, network access, logging, monitoring, secrets, and change management. Teams should define which agents or clients can call the server, which tools are exposed, which data can be accessed, and how actions are audited. They should also consider rate limits, failure behavior, incident response, and how credentials are rotated. Diagrid's Catalyst positioning is relevant because it connects MCP servers to a broader agent platform with workload identity, mTLS, policy-based access control, and traces across agent and tool activity.