MHaggis/Security-Detections-MCP
An MCP server that lets LLMs query a unified database of security detection rules from Sigma, Splunk, Elastic, KQL, Sublime, and CrowdStrike.

This Model Context Protocol server exposes 81 tools enabling AI agents to search, retrieve, and query security detection rules across multiple security platforms. It indexes rule repositories locally or provides access via a hosted HTTP endpoint, allowing LLMs to leverage structured detection logic for cybersecurity tasks.