MCP
Introduction
Bastion supports the Model Context Protocol (MCP) on both sides of the AI workflow:
- Bastion MCP Server — connect Claude, Cursor, Claude Code, and other MCP-compatible clients to Bastion so your AI assistant can run compliance, security, and trust workflows on your behalf.
- MCP Governance — discover every MCP server running on employee devices, set allow and block rules, and review activity from one dashboard as part of AI Shield.
Key Features
Connect to Bastion
Run Bastion workflows from Claude, Cursor, Claude Code, and more
MCP Governance
Detect, allow, and block MCP servers across your organization
Why MCP?
MCP is the open protocol that lets AI assistants call external tools and APIs. Developers and operators now routinely connect AI clients to production systems, which introduces two needs:
- Productivity: customers want their AI assistant to act on Bastion data (fix a failing control, generate a trust center, remediate a vulnerability).
- Security: security teams need visibility and policy over which MCP servers employees install and what those servers can access.
Bastion addresses both in one place.
Getting Started
Connect your AI client
Point Claude, Cursor, or Claude Code at the Bastion MCP server to unlock workflows like Get Compliant and Fix Code Security Issues. See Connect to Bastion.
Deploy the Bastion agent
Install the Bastion device agent so MCP activity on employee laptops is observable. See Devices.
Set MCP policies
In AI Shield, choose a default policy (allow or block new MCP servers) and add per-server rules. See MCP Governance.
Review activity
Monitor tool calls, token exposure, and policy violations from the MCP dashboard.