OpenCTI_MCP_Server
Verified Safeby 7elu-dl
Overview
This server connects Claude AI to an OpenCTI threat intelligence platform, allowing the AI to query, analyze, and manage cybersecurity intelligence data.
Installation
opencti-mcpEnvironment Variables
- OPENCTI_URL
- OPENCTI_TOKEN
Security Notes
The project demonstrates a strong focus on security best practices: API tokens are loaded from environment variables (`.env`) and explicitly warned against committing to version control. SSL verification is enabled by default for all HTTP communications. Input validation is performed for observable types and GraphQL queries use variables, reducing direct injection risks. There are no signs of 'eval', obfuscation, or arbitrary code execution. The documentation provides clear security notes on token management and SSL usage.
Similar Servers
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers.
mcp-openapi-server
A Model Context Protocol (MCP) server that exposes OpenAPI endpoints as MCP tools, along with optional support for MCP prompts and resources, enabling Large Language Models to interact with REST APIs.
opencti_mcp_server
Connects Claude Desktop to OpenCTI's threat intelligence platform for AI-augmented threat intelligence analysis and reporting, enabling natural language queries and context-aware responses.
mcp-server-cortex
This server acts as a bridge, exposing Cortex threat intelligence analysis capabilities as tools consumable by Model Context Protocol (MCP) clients, such as large language models (LLMs).