secureframe-mcp-server

secureframe/secureframe-mcp-server

3.3

If you are the rightful owner of secureframe-mcp-server and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

This server provides read-only access to Secureframe's compliance automation platform for AI assistants.

The Secureframe MCP Server is a Model Context Protocol server designed to facilitate read-only access to Secureframe's comprehensive compliance automation platform. It is tailored for AI assistants such as Claude and Cursor, enabling them to query security controls, monitor compliance tests, and access audit data across various frameworks including SOC 2, ISO 27001, CMMC, and FedRAMP. The server is currently in public beta, offering a secure and efficient way to integrate compliance data into AI-driven workflows. Users are advised to review and validate AI-generated insights to ensure alignment with organizational compliance policies and security standards. The server requires Python 3.7 or higher and Secureframe API credentials for setup, and it supports integration with MCP-compatible tools like Claude Desktop and Cursor IDE.

Features

  • Read-only access to compliance data
  • Supports multiple compliance frameworks
  • Integration with AI assistants
  • Powerful search capabilities using Lucene syntax
  • Secure and efficient data handling

Usages

usage with Claude Desktop

{
  "mcpServers": {
    "secureframe": {
      "command": "python",
      "args": ["/absolute/path/to/secureframe-mcp-server/main.py"],
      "env": {
        "SECUREFRAME_API_KEY": "your_api_key",
        "SECUREFRAME_API_SECRET": "your_api_secret",
        "SECUREFRAME_API_URL": "https://api.secureframe.com"
      }
    }
  }
}

usage with Cursor IDE

{
  "mcpServers": {
    "Secureframe": {
      "command": "python",
      "args": ["/absolute/path/to/secureframe-mcp-server/main.py"],
      "env": {
        "SECUREFRAME_API_KEY": "your_api_key",
        "SECUREFRAME_API_SECRET": "your_api_secret",
        "SECUREFRAME_API_URL": "https://api.secureframe.com"
      }
    }
  }
}

Tools

  1. list_controls

    List security controls across frameworks with filtering

  2. list_tests

    List compliance tests with pass/fail status

  3. list_users

    List personnel and their compliance status

  4. list_devices

    List managed devices and security compliance

  5. list_user_accounts

    List user accounts from integrations

  6. list_tprm_vendors

    List third-party risk management vendors

  7. list_vendors

    List vendors (legacy API)

  8. list_frameworks

    List available compliance frameworks

  9. list_repositories

    List code repositories and audit scope

  10. list_integration_connections

    List integration status and connections

  11. list_repository_framework_scopes

    List framework scopes for specific repositories