We're heading to Amsterdam for KubeCon + CloudNativeCon EU 2026, and we'd love to see you there!
From March 24-26, you can find us on the KubeCon floor demoing Cosmonic Control, our Kubernetes-native control plane for running WebAssembly workloads in secure, sandboxed environments. Whether you're exploring Wasm for the first time or looking for a production-grade platform for microservices, AI agents, and other sensitive workloads, stop by and see what Control can do.
Over on the VMware Cloud Foundation blog, Ka-Kit Wong has published an excellent guide to running Cosmonic Control on vSphere Kubernetes Service (VKS).
We're heading to Atlanta for KubeCon + CloudNativeCon NA 2025, and we'd love to see you there!
On November 10-13, you can find us sponsoring Cloud Native AI Day and talking SandboxMCP, exploring new developments in Wasm at WasmCon, and sharing the latest from Cosmonic Control and wasmCloud on the KubeCon floor.
Plus, the Cosmonic crew will be presenting throughout the show, talking service meshes, Wasm instrumentation, WASI WebGPU, GitOps with Wasm workloads, and more.
Servers using the Model Context Protocol (MCP) from Anthropic have become the industry standard approach for extending the capabilities of Large Language Models (LLMs) and creating agentic workflows. WebAssembly (Wasm) components are quickly emerging as the ideal unit of deployment, providing a secure-by-default sandbox for MCP servers.
In this blog, we'll explain how you can use the open source Wasm Shell (wash) CLI and OpenAPI2MCP to quickly and easily develop MCP servers that enable models to use APIs defined in the OpenAPI specification—and then compile those MCP servers to Wasm component binaries that can be deployed to Kubernetes with Cosmonic Control.
As organizations race to implement AI agents, many are building Model Context Protocol (MCP) servers to mediate between Large Language Models (LLMs) and external tools and resources. Among the most crucial challenges in deploying MCP servers is security: the non-deterministic input and output of LLMs create agentic-specific risks such as LLM prompt injection, data exfiltration, execution environment risks, and more.
WebAssembly (Wasm) components provide new real-time security controls to address the MCP security problem. Wasm component binaries are portable, polyglot sandboxes that interact with the outside world via explicitly enabled, language-agnostic interfaces. When MCP servers are compiled to Wasm, they can be deployed with the confidence that agents can only interact with approved tools and resources in approved ways.
In this blog, we'll examine patterns for remote-hosting sandboxed MCP servers, explain how Wasm helps to mitigate security risks associated with AI agent integration, and demonstrate how to deploy a sandboxed MCP server with Wasm using Kubernetes and Cosmonic Control.
Recently, we launched the Cosmonic Control Technical Preview, giving platform engineering teams the chance to try our enterprise control plane for managing WebAssembly (Wasm) workloads in cloud-native environments.
Cosmonic Control integrates seamlessly with existing cloud native standards, technologies, and estates, so you can deploy and manage Wasm workloads with industry-standard patterns and tooling, such as GitOps with Argo CD.
In this blog, we'll take a look at how Cosmonic Control integrates with Argo CD, enabling platform engineering teams to manage ultra-dense sandboxed platforms with Wasm using their existing GitOps approach. Then we'll walk through deploying Cosmonic Control and a Wasm component with Argo CD.
Cosmonic is proud to announce the launch of our Cosmonic Control Technical Preview for platform engineering teams.
Cosmonic Control is the enterprise control plane for managing ultra-dense sandboxed platforms with WebAssembly (Wasm). Building on the Incubating CNCF project wasmCloud, Cosmonic Control gives platform engineering teams a single interface and unified control plane to…
Today, we’re launching the Technical Preview for Cosmonic Control, an enterprise control plane for managing WebAssembly (Wasm) workloads in cloud native environments.
Cosmonic Control is built on the open source foundations of wasmCloud, an Incubating project at the Cloud Native Computing Foundation (CNCF) that originated with the founders of Cosmonic.
Since we’re launching an enterprise product built on open source, now seems like a good time to lay down some of our guiding principles and commitments.
We’re back on the road, and bringing something very special to Europe this Spring. Our annual European trek to KubeCon + CloudNativeCon Europe 2025 is a particularly momentous one as we introduce Cosmonic Control.
If you’re in London for KubeCon, come and find out more at Cosmonic booth S680 and CNCF wasmCloud project booth on Wednesday afternoon/evening. As usual, the team will be on stage during both events and so here’s a summary of where we’ll be, and what we’re talking about this year. We’re looking forward to catching up with everyone in London!
If you want to use AI agents for enterprise development, you’ve got some big security questions to answer. For example: How do you limit the capabilities that agentic developers can access in your environments? You don’t want to give them access to your whole platform, and you probably shouldn’t just YOLO AI-generated code into a container and deploy.
But what if you could give AI agents a custom sandbox with a limited number of capabilities? WebAssembly makes it possible, and wasmCloud gives you a way to deploy agents’ code with custom capabilities injected at runtime—all executing safely within the sandbox.
In this blog, we’ll walk through how it all works as part of a hands-on demo that you can try for yourself at KubeCon EU 2025 in London.
Subscribe to Cosmonic for occasional communication straight to your inbox.
