The MCP Wake-Up Call: Why Non-Human Identities Must Be on Your Radar

Community Blogs
L1 Bithead

I didn’t know we were using it.

 

That’s what many security teams say after a data exposure. The recent incident involving Asana’s Model Context Protocol (MCP) server is a clear example of how non-human identities (OAuth apps, bots, integrations, and service accounts) can introduce security risk silently, with no one detecting or reviewing them.

 

In Asana’s case, a bug in the MCP server could have exposed customer data from one Asana domain to other customers using the same feature. The exposure was limited to data the affected accounts could already access, but here’s the catch: those accounts weren’t necessarily human. They could be service accounts used for automations or integrations, whose access is rarely reviewed. And that’s where the problem lies.

 

What Happened: A Quick Recap

 

On June 18, 2025, Asana disclosed that a bug in its MCP server could have exposed certain project, task, and team data to other customers using the same feature. According to The Register, the vulnerability was isolated and quickly remediated. What remains unaddressed is the lack of visibility on the customer side: which Asana tenants are even using the MCP feature, which accounts connected to it, and whether those accounts are still active, necessary, or secure.

 

This is a textbook case of non-human identity sprawl.

 

Why Non-Human Identity Risk is Growing

 

Most security teams have a decent grasp of human user hygiene: MFA policies, SSO enforcement, least-privilege models. Non-human identities are a blind spot. These service accounts often:

 

  • Authenticate with API tokens or OAuth grants that bypass SSO and MFA entirely

  • Use static credentials stored in CI/CD pipelines, scripts, or integration settings

  • Are never reviewed, rotated, or revoked when the integration that needed them is retired

  • Don’t follow the same joiner/mover/leaver lifecycle as human users

Left unchecked, they become prime candidates for lateral movement, silent privilege escalation, or, as in the Asana case, unintended data exposure through a feature nobody knew was connected.
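The four risk patterns above are mechanical enough to check in an access review. The script below is an added example, not code from the original post or from any Palo Alto Networks product: it runs a set of review rules over a constructed, hypothetical inventory of SaaS identities (the field names are an assumption for this example, not an Asana export format) and flags service accounts that bypass SSO, hold stale or never-rotated credentials, sit dormant, carry broad scopes, or are wired into an MCP-style integration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Dict, List, Optional, Set

# Fixed "now" so the example is reproducible; assumption for this example.
NOW = datetime(2025, 6, 20, tzinfo=timezone.utc)


@dataclass
class Identity:
    """One identity record from a (hypothetical) SaaS inventory export."""
    name: str
    kind: str                      # "human" or "service"
    sso_enforced: bool             # False means a token/password path bypasses SSO
    credential_created: datetime   # when the current token/secret was issued
    last_used: Optional[datetime]  # None: credential has never been seen in use
    scopes: Set[str] = field(default_factory=set)
    used_by_mcp: bool = False      # identity is connected to an MCP-style integration


# Constructed sample inventory (not real accounts or real Asana data).
INVENTORY: List[Identity] = [
    Identity("alice@example.com", "human", True,
             datetime(2025, 5, 1, tzinfo=timezone.utc),
             datetime(2025, 6, 19, tzinfo=timezone.utc), {"tasks:read", "tasks:write"}),
    Identity("jira-sync-bot", "service", False,
             datetime(2024, 11, 1, tzinfo=timezone.utc),
             datetime(2025, 6, 19, tzinfo=timezone.utc), {"tasks:read", "tasks:write"}),
    Identity("ci-deploy-notifier", "service", False,
             datetime(2025, 1, 10, tzinfo=timezone.utc),
             datetime(2025, 3, 1, tzinfo=timezone.utc), {"tasks:write"}),
    Identity("mcp-assistant", "service", True,
             datetime(2025, 6, 1, tzinfo=timezone.utc),
             datetime(2025, 6, 19, tzinfo=timezone.utc), {"projects:read", "tasks:read"},
             used_by_mcp=True),
    Identity("legacy-reporting", "service", False,
             datetime(2023, 8, 20, tzinfo=timezone.utc),
             None, {"admin"}),
]

# Scopes treated as "broad" for this example; an assumption, not a vendor list.
BROAD_SCOPES = {"admin", "org:read_all"}


def review(identities: List[Identity], now: datetime = NOW,
           max_credential_age_days: int = 90,
           max_idle_days: int = 60) -> Dict[str, List[str]]:
    """Return {identity name: [findings]} for every service account with at least one issue.

    Human users are skipped: they are assumed to be covered by the normal SSO/MFA review.
    """
    findings: Dict[str, List[str]] = {}
    for ident in identities:
        if ident.kind != "service":
            continue
        issues: List[str] = []
        if not ident.sso_enforced:
            issues.append("bypasses-sso")
        if (now - ident.credential_created).days > max_credential_age_days:
            issues.append("stale-credential")      # never rotated within policy
        if ident.last_used is None or (now - ident.last_used).days > max_idle_days:
            issues.append("dormant")               # unused but still holds access
        if ident.scopes & BROAD_SCOPES:
            issues.append("broad-scope")
        if ident.used_by_mcp:
            issues.append("mcp-exposed")           # reachable through an MCP integration
        if issues:
            findings[ident.name] = issues
    return findings


def prioritize(findings: Dict[str, List[str]]) -> List[str]:
    """Order flagged identities so the ones with the most findings come first."""
    return sorted(findings, key=lambda name: (-len(findings[name]), name))


if __name__ == "__main__":
    results = review(INVENTORY)
    for name in prioritize(results):
        print(f"{name}: {', '.join(results[name])}")
```

In practice the inventory would come from the SaaS application’s admin API or a posture-management export rather than a hard-coded list; the rules stay the same, and the thresholds (90-day rotation, 60-day idle) should match your own credential policy.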

 

How SSPM from Palo Alto Networks Helps

 

Our SaaS Security Posture Management (SSPM) solution is built for exactly these moments. Here’s how it helps Asana customers today:

 

  • Detects use of MCP in your environment: The Identity Posture module inventories the non-human identities in Asana and flags whether the MCP server is in use.

  • Maps risk to specific accounts: Whether it’s an integration account or a dormant bot, we show who (or what) has access to what.

  • Automates remediation: With built-in workflows, you can file a Jira ticket directly from the console to investigate or disable MCP usage.

  • Surfaces dormant and local accounts: We help security teams root out accounts that are unused or unmanaged but still hold sensitive access.

Visibility is the first step. Action is the second. Our product enables both.

 

Don’t Wait for the Email

 

Asana acted responsibly in notifying its customers. But proactive security doesn’t start with an inbox alert. It starts with continuous posture monitoring across all SaaS apps, including their shadow features and non-human access points.

 

If you’re unsure whether MCP or similar automation features are active in your environment, it’s time to ask the hard questions. Better yet, it’s time to get answers automatically.

 

Security isn’t just about users anymore. It’s about everything they (and their bots) touch.

 

Identity Posture Security is available today. Stay tuned as we continue to innovate with upcoming features such as Non-Human Identity Management, Shadow App Detection, Privilege Escalation Tracking, and more.

 

Begin your 60-day free trial of SaaS Security Posture Management and discover the benefits of Identity Posture Security today.

 

 

Interested in seeing how we detect non-human identities in Asana and beyond? Contact your PANW representative or request a demo of SSPM.

 
