Solutions / Use case

Bring order to MCP chaos.

92% of unmanaged MCP servers are exploitable. Most teams have already shipped some — they just haven't told the CIO. Agent Gateway is how you keep building without breaking governance.

Book a demo See customer results
exploit success rate on unmanaged MCP servers
92%
of unmanaged MCP servers have critical vulnerabilities
33%
raw system access remaining after governed MCP rollout
0
Tray connectors available as governed MCP tools
700+

MCP without governance is attack surface.

Model Context Protocol (MCP) is how AI agents talk to tools and data. It’s adopted faster than the governance to handle it. Industry research puts the exploit rate on unmanaged MCP at 92%, with 33% of servers having critical vulnerabilities. By 2027, Gartner expects 40% of enterprise MCP deployments to be hit by security incidents.

Most teams already have shadow MCP somewhere. The CIO just hasn’t found it yet.

What Agent Gateway gives you

Managed MCP servers

Publish governed MCP tools that agents can call — with central versioning, rate limits, and rollout control. No bespoke server-build per use case.

700+ connectors as MCP tools

Every Tray.ai connector — Salesforce, NetSuite, Snowflake, Workday, GitHub, Slack — can be exposed as a governed MCP tool with one workflow.

RBAC + observability

Every tool call traceable to a user. Per-tool, per-agent permissioning. Audit logs that satisfy enterprise compliance requirements.

Composite tools — less token burn

Package multi-step workflows as a single governed MCP tool. Fewer tools in context means 10× lower token costs and more predictable agent behaviour over raw MCP servers.

Zero raw system access remaining post-rollout

“We went from zero visibility into what our agents were doing to a full audit trail of every MCP call, every tool invoked, every credential used. Agent Gateway gave compliance the controls they needed without slowing the AI teams down.”

VP of Enterprise Architecture
VP of Enterprise Architecture, Global Insurance Group

Teams already doing this on Tray.ai

Customer stories tagged to this use case.

J.W. Pepper logo

IT / Business Tech

MCP adoption spread rapidly across J.W. Pepper without centralized governance. Teams were building AI agents faster than IT could establish …

Read the story →

Frequently asked questions

We already have engineers running MCP servers locally. Is that bad? +

Probably. Industry research puts the exploit rate on unmanaged MCP servers at 92%, with 33% having critical vulnerabilities. The risk isn't theoretical — it's prompt injection, data exfiltration, and tool poisoning. Agent Gateway pulls those servers under one managed roof without making engineers stop building.

Does Tray replace open-source MCP servers? +

Yes. Tray runs a managed MCP layer where you publish 700+ Tray connectors as governed MCP tools — no bespoke server build required, RBAC and audit logging included. The pattern is to replace scattered developer-built servers with tools published through Agent Gateway.

What does "governed" actually mean here? +

In concrete terms — every tool call traceable to a user, central control over which agents can call which tools, RBAC enforced at the tool level, and audit logs that satisfy SOC 2 Type II, SOC 1 Type II, HIPAA, GDPR, CCPA. The Global Insurance Group rolled out Agent Gateway and went from zero visibility into agent activity to a full audit trail of every MCP call, with zero raw system access remaining.

How does this play with existing IAM? +

Tray's RBAC composes with your existing identity provider. Agents act on behalf of users, with permissions inherited from the IAM source of truth.

See MCP governance in action.

Walk through the scenario with a Tray.ai expert.

Book a demo Compare alternatives