Wazuh-MCP-Server

Wazuh-MCP-Server

3.5
security

If you are the rightful owner of Wazuh-MCP-Server and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

Wazuh MCP Server is an AI-powered security operations platform that integrates conversational AI with traditional SIEM operations.

Wazuh MCP Server is a cutting-edge platform that revolutionizes security operations by integrating AI-powered threat detection, automated incident response, and natural language security analysis. It bridges the gap between traditional Security Information and Event Management (SIEM) systems and conversational AI, allowing security teams to interact with their Wazuh infrastructure using natural language through Claude Desktop. This innovative approach enables faster incident response, AI-enhanced threat analysis, and automated workflows, making security operations more efficient and accessible. The platform supports real-time intelligence gathering from multiple threat intelligence sources and offers a lower learning curve for new team members, allowing them to be productive without needing to learn complex query languages.

Features

  • Advanced Threat Detection & Analysis: Utilizes multi-dimensional risk scoring, ML-based anomaly detection, and MITRE ATT&CK mapping for comprehensive threat analysis.
  • Natural Language Security Operations: Allows users to interact with the system using natural language queries for security operations.
  • Compliance Automation: Supports multiple compliance frameworks and provides automated gap analysis and audit-ready reports.
  • Threat Intelligence Integration: Integrates with various threat intelligence sources like VirusTotal, Shodan, and AbuseIPDB.
  • Technical Architecture: Features a robust architecture with components like MCP Protocol Handler, Async API Client, and Intelligence Aggregator.

Tools

  1. get_alerts

    Retrieve and filter security alerts

  2. analyze_threats

    Advanced threat analysis with ML

  3. risk_assessment

    Comprehensive risk scoring

  4. detect_anomalies

    ML-based anomaly detection

  5. check_agent_health

    Agent health monitoring

Related MCP Servers

View all security servers →
LitterBox

LitterBox

3.7

by BlackSnufkin

LitterBox is a controlled sandbox environment for security professionals to develop and test payloads, offering advanced analysis capabilities.

security
kubectl-mcp-server

kubectl-mcp-server

3.7

by rohitg00

Kubectl MCP Server is a Model Context Protocol server for Kubernetes, enabling AI assistants to interact with Kubernetes clusters using natural language.

os_automation
volatility3-mcp

volatility3-mcp

3.7

by Kirandawadi

Volatility3 MCP Server is a tool that integrates MCP clients with the Volatility3 memory forensics framework, enabling LLMs to perform memory forensics tasks through a conversational interface.

security
enrichmcp

enrichmcp

3.7

by featureform

MCPEngine is a production-grade, HTTP-first implementation of the Model Context Protocol (MCP), providing a secure, scalable, and modern framework for exposing data, tools, and prompts to Large Language Models (LLMs) via MCP.

developer_tools
osv-mcp

osv-mcp

3.7

by StacklokLabs

An MCP server providing access to the OSV database for querying vulnerability information.

databases
code-sandbox-mcp

code-sandbox-mcp

3.6

by Automata-Labs-team

A secure sandbox environment for executing code within Docker containers. This MCP server provides AI applications with a safe and isolated environment for running code while maintaining security through containerization.

security
win-cli-mcp-server

win-cli-mcp-server

3.6

by SimonB97

MCP server for secure command-line interactions on Windows systems, enabling controlled access to PowerShell, CMD, Git Bash shells, and remote systems via SSH.

os_automation
obsidian-mcp-tools

obsidian-mcp-tools

3.6

by jacksteamdev

MCP Tools for Obsidian enables AI applications like Claude Desktop to securely access and work with your Obsidian vault through the Model Context Protocol (MCP).

ai_chatbot
ida-mcp-server-plugin

ida-mcp-server-plugin

3.6

by taida957789

IDA Pro MCP Server is a plugin that allows remote querying and control of IDA Pro through the Model Context Protocol (MCP) interface.

developer_tools
WireMCP

WireMCP

3.6

by 0xKoda

WireMCP is a Model Context Protocol server that enhances Large Language Models with real-time network traffic analysis capabilities using tools built on Wireshark's `tshark`.

security
BloodHound-MCP

BloodHound-MCP

3.6

by stevenyu113228

BloodHound MCP is an extension of the BloodHound tool that enables LLMs to interact with and analyze Active Directory environments using natural language queries.

security
jadx-mcp-server

jadx-mcp-server

3.6

by zinja-coder

JADX-MCP-SERVER is a fully automated MCP server designed to work with the JADX-AI-MCP Plugin for analyzing Android APKs using LLMs like Claude.

ai_chatbot
MCP2Lambda

MCP2Lambda

3.6

by danilop

MCP2Lambda allows LLMs to interact with AWS Lambda functions as tools, enabling access to real-time and private data, execution of custom code, and interaction with external services.

cloud_platforms
mcp-virustotal

mcp-virustotal

3.5

by BurtTheCoder

The VirusTotal MCP Server is a Model Context Protocol server designed for querying the VirusTotal API, providing comprehensive security analysis tools with automatic relationship data fetching.

security
dynatrace-mcp

dynatrace-mcp

3.5

by dynatrace-oss

This remote MCP server allows interaction with the Dynatrace observability platform, bringing real-time observability data directly into your development workflow.

monitoring
mcp-server-wazuh

mcp-server-wazuh

3.5

by gbrigandi

A Rust-based server designed to bridge the gap between a Wazuh Security Information and Event Management (SIEM) system and applications requiring contextual security data, specifically tailored for the Claude Desktop Integration using the Model Context Protocol (MCP).

security
VibeShift

VibeShift

3.5

by GroundNG

VibeShift is an intelligent security agent designed to integrate seamlessly with AI coding assistants, acting as an automated security engineer to analyze code, identify vulnerabilities, and facilitate AI-driven remediation.

security
TriageMCP

TriageMCP

3.5

by eversinc33

TriageMCP is an MCP server designed to enable a Language Model (LLM) to perform basic static triage of Portable Executable (PE) files.

security
roadrecon_mcp_server

roadrecon_mcp_server

3.5

by atomicchonk

The ROADrecon MCP Server provides AI assistants like Claude with access to ROADRecon Azure AD data for security analysis.

security
aws-security-mcp

aws-security-mcp

3.5

by groovyBugify

AWS Security MCP is a Model Context Protocol server that allows AI assistants to autonomously inspect and analyze AWS infrastructure for security issues.

security
GhidraMCP

GhidraMCP

3.5

by 13bm

A Ghidra plugin that implements the Model Context Protocol (MCP) for AI-assisted binary analysis.

developer_tools
mcp_zoomeye

mcp_zoomeye

3.5

by zoomeye-ai

A Model Context Protocol (MCP) server that provides network asset information based on query conditions.

research_and_data
NGCBot-MCP

NGCBot-MCP

3.5

by ngc660sec

NGCBot-MCP-Server is a WeChat bot based on the HOOK mechanism, supporting various features like security news push, AI responses, and more.

communication
mcp-security-audit

mcp-security-audit

3.5

by qianniuspace

A powerful MCP (Model Context Protocol) Server that audits npm package dependencies for security vulnerabilities.

security
cve-search_mcp

cve-search_mcp

3.5

by roadwy

A Model Context Protocol (MCP) server for querying the CVE-Search API, providing access to CVE data, vendor and product browsing, and more.

security
C4Diagrammer

C4Diagrammer

3.5

by jonverrier

C4Diagrammer is a Model Context Protocol (MCP) server implementation designed to generate documentation for existing systems, providing tools for generating code summaries and C4 architecture diagrams using Mermaid.js.

developer_tools
Rootly-MCP-server

Rootly-MCP-server

3.5

by Rootly-AI-Labs

An MCP server for Rootly API that integrates with MCP-compatible editors to resolve production incidents efficiently.

developer_tools