Microsoft Security Copilot
Summary
A Python-based MCP server that provides integration between Microsoft Security Copilot and Microsoft Sentinel using Azure Identity Authentication. Developed by Jaime Guimera Coll, this implementation enables running KQL queries against Sentinel workspaces, managing Security Copilot skillsets/plugins, and executing prompts within Security Copilot. The server uses FastMCP for the transport layer and supports multiple authentication methods including interactive browser, client secret, and managed identity. It's particularly useful for security professionals developing, testing, and deploying Security Copilot KQL skills, allowing for seamless workflow from development to production environments.
Available Actions(4)
run_sentinel_query
Execute KQL queries in Sentinel.
get_skillsets
List skillsets in Security Copilot.
upload_plugin
Upload or update a skillset/plugin.
run_prompt
Run a prompt or skill in Security Copilot.
コミュニティレビュー
まだレビューはありません. 最初のレビューを投稿しましょう!
会話に参加するにはサインインしてください
