$18M Series A led by Sequoia · SOC 2 Type II Certified

The secure gateway between your LLMs and everything else

Uplink is the enterprise MCP gateway that enforces policy, prevents tool poisoning, and gives your security team full visibility into every agentic action.

Request Demo → See How It Works

uplink-gateway

# Deploy your MCP gateway in minutes

$ uplink init --org acme-corp --env production

✔ Gateway provisioned in us-east-1

$ uplink policy apply ./policies/tool-access.yaml

✔ 14 tool definitions validated

✔ 3 scoped policies applied

✔ DPoP token binding enabled

$ uplink connect --server github --server jira --server datadog

✔ 3 MCP servers connected · All health checks passing

Capabilities

Enterprise-grade controls for every MCP interaction

Uplink sits between your LLM orchestrator and MCP servers, enforcing security policy on every tool call, resource read, and prompt injection attempt.

🛡️

Tool Call Policy Engine

Define granular RBAC policies for every tool exposed via MCP. Approve, deny, or require human-in-the-loop confirmation per action, per user, per environment.

🔬

Prompt Injection Firewall

Real-time analysis of tool outputs and resource content for indirect prompt injection attacks, with configurable detection sensitivity and automatic quarantine.

📋

Full Audit Trail

Structured, immutable logs of every tool invocation, parameter, response, and policy decision. Stream to your SIEM via native integrations with Splunk, Datadog, and Sentinel.

🔑

OAuth + DPoP Token Binding

Secure credential management with proof-of-possession tokens, HSM-backed key storage, and automatic credential rotation. No plaintext secrets, ever.

🧬

Schema Validation & Drift Detection

Continuously validate tool definitions against pinned schemas. Detect and alert on tool description mutations that could indicate tool poisoning attacks.

⚡

Sub-5ms Latency Overhead

Purpose-built proxy layer adds minimal latency to your MCP traffic. Deployed at the edge in 14 regions with automatic failover and horizontal scaling.

Architecture

One gateway. Complete control.

Uplink is a transparent proxy that intercepts the MCP transport layer — enforcing security policy without modifying your agent code or MCP servers.

✓ Drop-in deployment — no SDK changes required. Works with any MCP-compatible client and server.
✓ Inspects tool definitions for description mutations and schema drift between deployments.
✓ Enforces least-privilege scoping on credentials passed to downstream MCP servers.
✓ Sandboxed execution environment for high-risk tool calls with automatic rollback.

🤖

LLM Agent / Orchestrator

Claude, GPT, Gemini, or custom

↓

Uplink Gateway

Policy · Auth · Audit · Firewall

↓

🔧

GitHub MCP

Code & PRs

📊

Datadog MCP

Metrics & Logs

🗄️

Postgres MCP

Read-only queries

📝

Jira MCP

Tickets & Sprints

Threat Model

Built for the attacks that keep CISOs up at night

MCP unlocks incredible agentic capabilities — but also introduces novel attack surfaces. Uplink defends against all of them.

CRIT

Tool Poisoning via Description Mutation

Malicious MCP servers can alter tool descriptions post-registration to trick LLMs into executing unintended actions or exfiltrating data through manipulated parameters.

✓ Mitigated by Schema Pinning

CRIT

Indirect Prompt Injection

Adversarial content embedded in tool responses or resource URIs can hijack agent behavior, enabling unauthorized actions across connected systems.

✓ Mitigated by Output Firewall

HIGH

Credential Theft & Token Replay

Bearer tokens passed to MCP servers can be intercepted and replayed. Without proof-of-possession binding, stolen tokens grant full access.

✓ Mitigated by DPoP Binding