What 100+ Organizations Told Us About Scaling MCP in Production
MCP Dev Summit brought 1200+ developers, product leaders, and AI builders to NYC for two days of talks and demos focused on the Model Context Protocol. We not only sponsored the conference, but also presented on stage for our talk: “Deploying MCP at Scale without Skipping Compliance.” In addition, we spent two full days talking with people actually putting MCP into production.
We spoke with 100+ organizations across enterprise, mid-market, and startups, including Fortune 500 manufacturers, global banks, healthcare companies, government contractors, consulting firms and developer tooling companies. The conversations gave us a clear picture of the state of AI governance in the MCP ecosystem right now and where it’s heading.
Four themes stood out from our convos at MCP Dev Summit.
Security and access control are table stakes
The most consistent topic across our conversations was access control. Teams deploying MCP at scale are thinking about who gets access to what, and they want granular enforcement.
Here are some examples:
- A manufacturing company with 500 engineers walked us through their requirements for RBAC, rate limiting, and security controls before they could expand MCP across their organization.
- A government contractor flagged PII handling as a gating concern.
- A global pharmaceutical company described enterprise-wide interest in governance for their AI automation workflows.
- A large financial services firm was evaluating how to enforce policy-based controls as they consolidated their MCP infrastructure.
These aren’t edge cases; rather, these concerns were the norm (especially for organizations operating in regulated industries or at enterprise scale). Security and governance aren’t features on a wish list; they’re prerequisites.
What’s notable is that the requirements these teams described, such as RBAC, PII detection, audit logging, rate limiting, are exactly the capabilities that MCP gateways provide.
Whether teams used the word “gateway” or not, they were describing gateway functionality. The market is converging on gateways as the control plane for MCP, and the conversations at the summit made that unmistakable.
What is an MCP gateway?
An MCP gateway, such as MCP Manager, is a central layer that monitors and controls how data flows between agents and MCP servers. Get an overview in this video below.
MCP Is not dead. But context bloat is.
If you’ve spent any time in the MCP discourse lately (particularly on Twitter), you might have heard the “MCP is dead” claim. This claim boils down to a variation of “MCP is overhyped” or “agents choke on too many tools” or “context windows get flooded.”
Or, as Garry Tan succinctly said (and later walked away from), “MCP sucks, honestly.” Peter Steinberger, one of MCP’s staunchest critics also embraced MCP just days before the conference.
We joked that the MCP Dev Summit was actually a memorial service. 👇
Obviously the group of people we talked to (at an MCP conference) did not agree that MCP is dead. While we did have a few laughs about people claiming MCP was over, we also had a more nuanced conversation than what Twitter allows for.
Many conversations unpacked how when every tool in your organization is exposed to every agent in every context, you get bloated context windows and degraded performance. However, that problem isn’t that MCP gives agents access to tools. The problem is giving agents access to all the tools, all the time, with no control over what’s relevant to a given task or user.
Context bloat is an implementation problem, not a protocol problem. And it’s a solvable one. The teams building MCP seriously are already thinking about this in terms of scoping: which tools should be available to which agents, in which contexts, for which users.
Scoping is good architecture. And it’s another reason gateways are becoming central to how organizations deploy MCP. A gateway that controls tool visibility and scopes access per user or per agent is the natural solution to context bloat. You don’t need fewer tools. You need the right tools in the right context.
Teams want to move faster, and governance is the unlock
We expected governance to come up as a constraint; something teams knew they had to deal with. Instead, many of the conversations framed governance as an enabler.
Examples:
- A mid-size semiconductor company asked about helping non-technical users discover and share MCP tools across the organization without requiring everyone to learn git.
- A large consulting firm was exploring how centralized governance could help them roll out MCP-powered workflows to clients faster.
- Multiple teams described wanting a single place to manage MCP tool access, visibility, and policies so they could onboard new teams without slowing down.
The pattern is clear: organizations that solve governance early move faster. Teams that don’t solve it end up gating MCP adoption behind manual review processes, tribal knowledge about which tools are safe to use, and ad hoc security checks that create bottlenecks.
This is where gateways shift from a security tool to a productivity tool. When access controls, audit trails, and tool discovery are handled at the gateway layer, individual teams can move quickly without waiting for centralized approval on every new MCP integration.
MCP Gateways Are a Central Layer for Controlling AI Data Flows:
There was a lot of interest around MCP Apps
Beyond the aforementioned AI governance themes, the summit gave us a sense of how quickly the MCP ecosystem is growing. For example, MCP Apps, the first extension of MCP, was popular at the show. There were many companies, such as Alpic and Manufact, that help enable builders to create and distribute MCP Apps; they gave talks, exhibited at the expo and educated hundreds of builders on best practices.
Some builders seem to be niching down, creating MCP Apps for specific verticals, while others are going after large companies that need to appear in chat with an app of their own.
Co-founder of Ghost Team AI talking about MCP Apps:
It’s clear that builders are considering how consumer-facing workflows will forever change due to what MCP Apps enables. There was speculation that ChatGPT will start surfacing apps as suggestions during chat sessions, similar to how SERP features and widgets can appear for Google searchers. How consented data and compliance will play out in these new consumer-facing workflows remains to be determined. But, as usually is the case with AI, builders create first and then governance comes shortly thereafter.
Final Thoughts
In the end, we talked to teams from 8+ countries and spoke in front of audiences around MCP best practices. Multiple organizations sent groups of 2-3 people, all focused on MCP infrastructure.
The conversations weren’t theoretical. People came with specific deployment architectures, specific security requirements, and specific timelines. That’s a meaningful shift from even a few months ago, when much of the MCP conversation was from the perspective of individuals using MCP.
Now it’s clear that we’ve evolved past conversations around protocol adoption and instead are talking about organization implementation.
The new question is how to deploy MCP at scale with the right controls in place. And increasingly, the answer is a gateway. Just like other protocol that needed platforms to become viable in an enterprise setting (e.g., SAML —> Okta, Git –> GitHub), MCP gateways give the permissions and
What’s next
We’re taking what we learned at MCP Dev Summit and building it directly into MCP Manager. The requirements we heard, such as RBAC, PII controls, audit logging, tool discovery, multi-tenant support, are already in our product today. We also got some great ideas for future releases.
In addition, MCP Dev Summit announced many new cities throughout 2026. We already noted what countries search for MCP servers the most, and it’s clear The Linux Foundation has a similar dataset, as the Summit will have a heavy presence in India and various countries in Asia.
Whether you can or can’t make an upcoming Summit, you can always chat with our team about how to deploy MCP at scale within your org securely. You can start a free trial after booking an onboarding call. We look forward to hearing from you!
