Microsoft Security Copilot
Summary
A Python-based MCP server that provides integration between Microsoft Security Copilot and Microsoft Sentinel using Azure Identity Authentication. Developed by Jaime Guimera Coll, this implementation enables running KQL queries against Sentinel workspaces, managing Security Copilot skillsets/plugins, and executing prompts within Security Copilot. The server uses FastMCP for the transport layer and supports multiple authentication methods, including interactive browser, client secret, and managed identity. It's particularly useful for security professionals developing, testing, and deploying Security Copilot KQL skills, allowing for a seamless workflow from development to production environments.
Available Actions (4)
run_sentinel_query
Execute KQL queries in Sentinel.
get_skillsets
List skillsets in Security Copilot.
upload_plugin
Upload or update a skillset/plugin.
run_prompt
Run a prompt or skill in Security Copilot.