SecurityCopilotMCPServer

This project provides a Python-based MCP server for the integration of Microsoft Security Copilot and Microsoft Sentinel, leveraging Azure Identity Authentication. It facilitates running KQL queries, managing skillsets, and executing skills in Security Copilot.

What is the purpose of the Security Copilot and Sentinel MCP Server?

The server acts as a bridge between development environments and Microsoft Security Copilot, enabling the execution of KQL queries, management of skillsets/plugins, and running of prompts and skills.

What authentication methods are supported?

The server supports multiple authentication methods, including interactive browser, client secret, and managed identity.

How can I start the MCP server?

You can start the server by running the command python server.py in your terminal.

What tools does the MCP server provide?

The server provides tools such as run_sentinel_query, get_skillsets, upload_plugin, and run_prompt.

How can I contribute to the project?

Contributions are welcome! You can fork the repository, create a feature branch, commit your changes, push to the branch, and open a Pull Request.