MCP threat trap: Deception engineering for zero trust AI access

This session explores how Indeed used Cloudflare Workers, Canarytokens, and Model Context Protocol (MCP) to build a serverless honeypot that detects unauthorized AI agent behavior in zero trust environments. By simulating internal tools and silently triggering Canarytokens, this stealthy, globally distributed system acts as a passive guardrail for organizations adopting MCP. It enhances security without disrupting innovation, offering a lightweight, scalable defense for AI-driven workflows built entirely on Cloudflare’s edge.