A Python-based MCP server that provides integration between Microsoft Security Copilot and Microsoft Sentinel using Azure Identity Authentication. Developed by Jaime Guimera Coll, this implementation enables running KQL queries against Sentinel workspaces, managing Security Copilot skillsets/plugins, and executing prompts within Security Copilot. The server uses FastMCP for the transport layer and supports multiple authentication methods including interactive browser, client secret, and managed identity. It's particularly useful for security professionals developing, testing, and deploying Security Copilot KQL skills, allowing for seamless workflow from development to production environments.
No reviews yet. Be the first to review!
Sign in to join the conversation
Highlight AIExecute KQL queries in Sentinel.
List skillsets in Security Copilot.
Upload or update a skillset/plugin.
Run a prompt or skill in Security Copilot.
