What 46 Organizations Told Us About Scaling MCP in Production
MCP Dev Summit brought hundreds of developers, architects, and product leaders to NYC for two days of talks and demos focused on the Model Context Protocol. We not only sponsored the event, but also presented on stage for our talk: “Deploying MCP at Scale without Skipping Compliance.” In addition, we spent two full days talking with people actually putting MCP into production.
Over those two days, we spoke with 46 organizations across enterprise, mid-market, and startups. Fortune 500 manufacturers. Global banks. Healthcare companies. Defense contractors. Consulting firms. Developer tooling companies. The conversations gave us a clear picture of where the MCP ecosystem is right now and where it’s heading.
Three themes stood out from our convos at MCP Dev Summit.
Security and access control are table stakes
The most consistent topic across our conversations was access control. Teams deploying MCP at scale are thinking hard about who gets access to what, and they want granular enforcement.
Here are some examples:
- A manufacturing company with 500 engineers walked us through their requirements for RBAC, rate limiting, and security controls before they could expand MCP across their organization.
- A government contractor flagged PII handling as a gating concern.
- A global pharmaceutical company described enterprise-wide interest in governance for their AI automation workflows.
- A large financial services firm was evaluating how to enforce policy-based controls as they consolidated their MCP infrastructure.
These aren’t edge cases. For organizations operating in regulated industries or at enterprise scale, security and governance aren’t features on a wish list. They’re prerequisites.
What’s notable is that the requirements these teams described, such as RBAC, PII detection, audit logging, rate limiting, are exactly the capabilities that MCP gateways provide.
Whether teams used the word “gateway” or not, they were describing gateway functionality. The market is converging on gateways as the control plane for MCP, and the conversations at the summit made that unmistakable.
What is an MCP gateway?
An MCP gateway, such as MCP Manager, is a central layer that monitors and controls how data flows between agents and MCP servers. Get an overview in this video below.
MCP Is Not Dead. But Context Bloat Is.
If you’ve spent any time in the MCP discourse lately (particularly on Twitter), you might have heard the “MCP is dead” claim. This claim boils down to a variation of “MCP is overhyped” or “agents choke on too many tools” or “context windows get flooded.”
We joked that the MCP Dev Summit was actually a memorial service. 👇
Obviously the group of people we talked to (at an MCP conference) did not agree that MCP is dead. While we did have a few laughs about people claiming MCP was over, we had a more nuanced conversation than what Twitter usually allows for.
Many conversations unpacked how when every tool in your organization is exposed to every agent in every context, you get bloated context windows and degraded performance. However, that problem isn’t that MCP gives agents access to tools. The problem is giving agents access to all the tools, all the time, with no control over what’s relevant to a given task or user.
Context bloat is an implementation problem, not a protocol problem. And it’s a solvable one. The teams building MCP seriously are already thinking about this in terms of scoping: which tools should be available to which agents, in which contexts, for which users.
Scoping is good architecture. And it’s another reason gateways are becoming central to how organizations deploy MCP. A gateway that controls tool visibility and scopes access per user or per agent is the natural solution to context bloat. You don’t need fewer tools. You need the right tools in the right context.
Teams want to move faster, and governance is the unlock
We expected governance to come up as a constraint; something teams knew they had to deal with. Instead, many of the conversations framed governance as an enabler.
Examples:
- A mid-size semiconductor company asked about helping non-technical users discover and share MCP tools across the organization without requiring everyone to learn git.
- A large consulting firm was exploring how centralized governance could help them roll out MCP-powered workflows to clients faster.
- Multiple teams described wanting a single place to manage MCP tool access, visibility, and policies so they could onboard new teams without slowing down.
The pattern is clear: organizations that solve governance early move faster. Teams that don’t solve it end up gating MCP adoption behind manual review processes, tribal knowledge about which tools are safe to use, and ad hoc security checks that create bottlenecks.
This is where gateways shift from a security tool to a productivity tool. When access controls, audit trails, and tool discovery are handled at the gateway layer, individual teams can move quickly without waiting for centralized approval on every new MCP integration.
MCP Gateways Are a Central Layer for Controlling AI Data Flows:
The ecosystem is maturing fast
Beyond the three core themes, the summit gave us a sense of how quickly the MCP ecosystem is growing. We talked to teams from 8+ countries. Multiple organizations sent groups of 2-3 people, all focused on MCP infrastructure. Several were migrating from other gateway approaches and evaluating purpose-built MCP solutions.
The conversations weren’t theoretical. People came with specific deployment architectures, specific security requirements, and specific timelines. That’s a meaningful shift from even a few months ago, when much of the MCP conversation was still about “what is this and should we care.”
The answer to that question is settled. The new question is how to deploy MCP at scale with the right controls in place. And increasingly, the answer is a gateway.
What’s next
We’re taking what we learned at MCP Dev Summit and building it directly into MCP Manager. The requirements we heard, such as RBAC, PII controls, audit logging, tool discovery, multi-tenant support, are already in our product today.
If you’re deploying MCP in your organization and thinking about how to scale it securely, we’d love to talk. You can start a free trial after booking an onboarding call. We look forward to hearing from you!
