Virtual Event
Tue, Jul 22 · 2:00 PM ET / 11:00 AM PT
Why a Gateway
Is Not Governance
Virtual Event
Tue, Jul 22 · 2:00 PM ET / 11:00 AM PT
Why a Gateway
Is Not Governance
Most teams securing AI agents start the same way: stand up an MCP gateway, route the traffic through it, call it handled. A gateway enforces policy on the calls passing through it — but it can't tell you who or what was entitled to that tool, who approved it, or how you'd pull that access back. That's governance, and it's where most agent programs still have a gap.
Join C1 Field CISO Kevin Paige and Paul Webber, Principal Industry Analyst at SACR, for a candid conversation on where MCP security falls short — and what it takes to govern an agent without slowing your teams down.
What we'll cover:
- Where a gateway goes blind: shadow agents, no session context, no kill switch
- SACR's four MCP risk layers — and the gap buyers keep missing
- How to make agent access requestable, reviewable, and revocable
- Where the most advanced security teams are focused now
Register Now
Meet our speakers

Kevin Paige
Field CISO, C1
Kevin Paige is the Field CISO at C1, where he advises organizations on modern identity security, cybersecurity strategy, and aligning security programs with business outcomes. With more than 30 years of technology and security leadership across the private and public sectors, Kevin has served as CISO at Flexport and MuleSoft, helping lead MuleSoft through its acquisition by Salesforce. He is also an investor at Silicon Valley CISO Investments and a venture advisor at Glilot Capital Partners.

Paul Webber
Principal Industry Analyst, Software Analyst Cyber Research

Paul Webber is a respected cybersecurity thought leader and Principal Industry Analyst with more than 28 years of experience helping global enterprises strengthen security operations, cyber resilience, and digital transformation initiatives. A former Gartner Senior Director, Paul has advised CISOs, security teams, and technology vendors on cybersecurity strategy, emerging threats, SOC modernization, and threat detection and response. His practitioner-led perspective combines deep industry expertise with hands-on experience across enterprise security, cloud transformation, compliance, cyber risk management, and identity security.