Perforce Software launched a breakthrough in agentic AI testing with the ability to turn plain language inputs into resilient, execution-ready test actions.
New Free Resource to Vibe Coders: Backslash MCP Server Security Hub
June 26, 2025
Backslash introduced a new, free resource for vibe coders, developers and security teams - the Backslash MCP Server Security Hub.
DOWNLOAD THE WHITE PAPER: Vibe Securing - Addressing the Vibe Coding Tsunami of Risks
It is the first dynamically maintained, searchable central database of MCP servers that rates their risk and security posture based on a variety of factors including vulnerabilities and their severity, exposure to attack vectors, and provenance factors.
Additionally, for a limited time, Backslash is offering a free self-assessment tool and dashboard of your MCP server implementation risks.
As organizations rapidly adopt AI agents, copilots, and autonomous tools, a new category of backend infrastructure has emerged: Model Context Protocol (MCP) servers. These servers enable secure, contextual orchestration of AI behavior, and they are being adopted and used very quickly across all aspects of software development, applications, and IT. However, their rise introduces a new and largely unprotected attack surface. We highlighted the top 10 sks MCP servers present specifically when used in IDEs in a previous blog.
Security teams are increasingly under pressure to assess and approve the use of MCPs across their organizations. This need is especially acute as developers adopt AI-enhanced IDEs such as Cursor, Windsurf, and Copilot, leveraging MCPs to accelerate development workflows. We described how MCP server security presents new challenges to security teams, who need to quickly assess them (assuming they are even aware of their use).
Today, there are more than 15,000 MCP servers available publicly. There are already several directories and websites cataloging MCPs (such as mcp.so, Awesome MCP Servers, PulseMCP, MCP Market, Docker’s MCP list, a list within the Github MCP project, and more). Most MCP servers are not published by verified sources and lack proper security vetting, even as they serve as gateways to sensitive services, tools, and resources. Until now there’s been no public resource that rates MCP servers on their security posture - and we’re here to fix that.
The Backslash MCP Server Security Hub is the first security-focused database built specifically for this evolving layer of infrastructure.
What You Can Do with MCP Server Security Hub
The hub (for short) is free to use and does not require logging in. It uses a familiar directory interface, providing quick access to the most popular and most risky MCPs. Naturally you can search MCP servers by name. The database already includes thousands of MCPs and Backslash is continuously adding to it.
- Search and Score: Look up any MCP server to instantly view its security score and quickly determine whether it’s safe to use.
- Identify Risks: Review detailed security risks associated with each MCP server. This includes looking for malicious patterns, and weaknesses in the code such as unauthorized network exposure or excessive permissions.
- Detect attack vector: See whether a specific MCP server has a Local or Network attack vector.
- Get MCP details: Check whether an MCP server originates from a verified GitHub publisher and review its documentation.
- Coming Soon… additional security-focused features and use cases are on the way.
Industry News
July 15, 2025
OutSystems announced the Early Access Program for OutSystems Agent Workbench.
July 15, 2025
Harness Infrastructure as Code Management (IaCM) added major new features focused on reusability and scalability: Module Registry and Workspace Templates.
July 15, 2025
F5 announced new tools to reduce the immense complexity cross-functional operations (XOps) teams face in managing hybrid, multicloud, and AI-driven application environments.
July 15, 2025
BlueOptima has entered into an agreement to acquire the DevOps solutions business from Cirata, an AIM-listed provider of data and analytics migration solutions.
July 14, 2025
Google Cloud announced three major advancements for developers using Firebase.
July 14, 2025
Legit Security announced a major new feature that furthers its commitment to better serve the AI-first developer community: Legit MCP (Model Context Protocol) Server.
July 14, 2025
Pentera introduced a capability to uncover and validate risk exposure from data in Git repositories.
July 14, 2025
Domino Data Lab announced the launch of its Vibe Modeling offering.
July 10, 2025
MetTel announced a strategic partnership with Check Point Software Technologies to deliver an advanced mobile threat defense solution for enterprise customers.
July 10, 2025
Docker announced major new capabilities that make it easier for developers to build, run, and scale intelligent, agentic applications.
July 10, 2025
Azul announced a strategic partnership to deliver near-zero Common Vulnerabilities and Exposures (CVEs) third-party container images backed by Azul’s Java support.
July 10, 2025
Mirantis is extending support for Swarm for another five years.
July 10, 2025
Yellow Tail Tech, the training provider known for empowering adults with no IT background to launch successful technology careers, announced the rollout of two advanced programs: the Ansible Automation Certification Prep Track and the DevOps on AWS Track.
July 09, 2025
Red Hat announced Red Hat Enterprise Linux for Business Developers to simplify access to Red Hat's enterprise Linux platform for business-focused development and testing scenarios.
