What is the main difference between MCP 1.0 and MCP 2.0?

MCP 1.x was designed to enable AI adoption by providing tools and protocols for organizations to utilize AI within their environments. MCP 2.0 shifts focus to security, introducing OAuth support, structured schemas, and human-in-the-loop controls to ensure AI can execute work without creating security risks.

How do structured schemas in MCP 2.0 improve security?

Structured schemas function like parameterized queries or whitelists, defining specifically what actions a tool is permitted to perform. Any actions outside this defined scope are ignored, which significantly reduces the attack surface for prompt injection attempts that were a primary vulnerability in MCP 1.x.

MCP 2.0 vs 1.0: How AI Security Protocol Evolved

Name: MCP 2.0 vs 1.0: How AI Security Protocol Evolved
Uploaded: 2026-03-12T15:39:29-04:00
Duration: 5 min 4 s
Description: TL;DR MCP 1.x focused on enabling AI adoption and onboarding enterprises to use AI tools, while MCP 2.0 shifts focus to securing AI execution within enterprise environments. OAuth support in MCP 2.0 enables standardized identity management with least p...

Commvault

03/12/2026

0 (0%)

Report Like Favorite

TL;DR

MCP 1.x focused on enabling AI adoption and onboarding enterprises to use AI tools, while MCP 2.0 shifts focus to securing AI execution within enterprise environments.
OAuth support in MCP 2.0 enables standardized identity management with least privilege enforcement, addressing the lack of authority verification in version 1.x.
Structured schemas create a whitelist approach that defines exactly what actions AI tools can perform, significantly mitigating prompt injection attack vectors.

This STRIVE podcast clip features Werner Nel, Principal Security & AI Intelligence at Commvault, explaining the rapid evolution from MCP 1.0 to MCP 2.0 and why this progression was necessary for enterprise AI security. The discussion establishes a clear distinction between the two protocol versions: MCP 1.x was fundamentally about enabling AI adoption within organizations, providing the tools and protocols needed to utilize AI and empower enterprises to leverage existing toolsets. MCP 2.0 represents a fundamental shift toward securing that adoption, addressing the critical question of how AI can execute actual work within an enterprise without creating security risks. Nel outlines three foundational changes introduced in MCP 2.0. First, OAuth support brings standardized identity and access management to the protocol, enabling organizations to assign permissions and privileges to specific cryptographic keys and enforce least privilege principles. Second, structured schemas address one of the primary attack vectors for prompt injection by creating a whitelist approach that defines specifically what actions a tool can perform while ignoring everything else. Third, the elicitation flow introduces human-in-the-loop controls that allow organizations to pause AI agent workflows at any point for interrogation, credential reissuance, or explicit confirmation of high-risk actions. The conversation acknowledges that while these enhancements represent significant progress, the specification will continue to evolve at the same rapid pace as AI itself, with MCP 2.0 serving as a launching pad for future security maturity.

Chapters

0:00 - Introduction to MCP Evolution
0:22 - MCP 1.x: Enabling AI Adoption
0:57 - MCP 2.0: Securing AI Execution
2:06 - OAuth Support and Least Privilege
2:53 - Structured Schemas for Prompt Injection Defense
3:53 - Human-in-the-Loop Elicitation Flow

Key Quotes

1:02 "Really 2.0 was introduced to answer a basic question of how can I have AI execute actual work within my enterprise without it creating a security risk? ..."
2:46 "OAuth 2.0 brings that standardization in. So we're able to exercise least privilege."
4:24 "Having that mechanism put in place completely changes everything happening autonomously and us needing to log that and try and keep track of what's going on."

Categories:

» Webinar Library » Commvault
» Cybersecurity » Identity & Access Management (IAM)
» AI & Machine Learning
» Data Protection

Tags:

Show more Show less

Browse videos

Upcoming Webinar Calendar

04/29/2026

12:00 PM

04/29/2026

Strategies for Safeguarding AI in Applications, Agents, and APIs

https://www.truthinit.com/index.php/channel/1893/strategies-for-safeguarding-ai-in-applications-agents-and-apis/
04/30/2026

10:00 AM

04/30/2026

Insights from the 2026 Keepit Annual Data Report on SaaS Data Protection

https://www.truthinit.com/index.php/channel/1868/insights-from-the-2026-keepit-annual-data-report-on-saas-data-protection/
04/30/2026

01:00 PM

04/30/2026

The New Economics of a VMware Exit

https://www.truthinit.com/index.php/channel/1880/the-new-economics-of-vmware-exit/
05/06/2026

02:00 AM

05/06/2026

Transforming AI's Potential: Proactively Identifying Attacks Before Breaches Occur

https://www.truthinit.com/index.php/channel/1886/transforming-ais-potential-proactively-identifying-attacks-before-breaches-occur/
05/06/2026

10:00 PM

05/06/2026

World Password Day: Strategies for Managing Your Passwords Effectively

https://www.truthinit.com/index.php/channel/1913/world-password-day-strategies-for-managing-your-passwords-effectively/
05/07/2026

05:00 AM

05/07/2026

World Password Day: Strategies for Managing Your Passwords Effectively

https://www.truthinit.com/index.php/channel/1914/world-password-day-strategies-for-managing-your-passwords-effectively/
05/07/2026

01:00 PM

05/07/2026

World Password Day: Strategies for Managing Your Passwords Effectively

https://www.truthinit.com/index.php/channel/1915/world-password-day-strategies-for-managing-your-passwords-effectively/
05/12/2026

01:00 PM

05/12/2026

Transforming Black Box to Glass Box: Revealing Hidden Threats and AI Risks through Data Lineage

https://www.truthinit.com/index.php/channel/1895/transforming-black-box-to-glass-box-revealing-hidden-threats-and-ai-risks-through-data-lineage/
05/12/2026

11:30 PM

05/12/2026

Effective Strategies for Safeguarding Active Directory and Minimizing Data Exposure

https://www.truthinit.com/index.php/channel/1888/effective-strategies-for-safeguarding-active-directory-and-minimizing-data-exposure/
05/13/2026

01:00 AM

05/13/2026

Transforming the Black Box: Revealing AI Risks and Hidden Threats through Data Lineage

https://www.truthinit.com/index.php/channel/1890/transforming-the-black-box-revealing-ai-risks-and-hidden-threats-through-data-lineage/
05/13/2026

05:00 AM

05/13/2026

Transforming Black Box to Glass Box: Revealing AI Risks and Hidden Threats through Data Lineage

https://www.truthinit.com/index.php/channel/1894/transforming-black-box-to-glass-box-revealing-ai-risks-and-hidden-threats-through-data-lineage/
05/21/2026

11:00 AM

05/21/2026

The Autonomous Era: Orchestrating a Resilient Enterprise

https://www.truthinit.com/index.php/channel/1372/the-autonomous-era-orchestrating-a-resilient-enterprise/