A Python-based MCP server that provides integration between Microsoft Security Copilot and Microsoft Sentinel using Azure Identity authentication. Developed by Jaime Guimera Coll, this implementation enables running KQL queries against Sentinel workspaces, managing Security Copilot skillsets/plugins, and executing prompts within Security Copilot. The server uses FastMCP for the transport layer and supports multiple authentication methods, including interactive browser, client secret, and managed identity. It is particularly useful for security professionals developing, testing, and deploying Security Copilot KQL skills, allowing for a seamless workflow from development to production environments.
Execute KQL queries in Sentinel.
List skillsets in Security Copilot.
Upload or update a skillset/plugin.
Run a prompt or skill in Security Copilot.