mcp-server-cortex
Verified Safeby gbrigandi
Overview
This server acts as a bridge, exposing Cortex threat intelligence analysis capabilities as tools consumable by Model Context Protocol (MCP) clients, such as large language models (LLMs).
Installation
cargo build --release && target/release/mcp-server-cortexEnvironment Variables
- CORTEX_ENDPOINT
- CORTEX_API_KEY
- RUST_LOG
Security Notes
The server correctly retrieves sensitive API keys (CORTEX_API_KEY) from environment variables rather than hardcoding them. It implements robust input validation for IPs, URLs, and hashes, preventing the analysis of private IPs, malicious URL schemes (e.g., `javascript:`, `file:`), or malformed inputs. The overall security is contingent on the proper configuration and security of the underlying Cortex instance and its integrated analyzers.
Similar Servers
falcon-mcp
The Falcon MCP (Model Context Protocol) server acts as a middleware, connecting AI agents with the CrowdStrike Falcon cybersecurity platform to enable intelligent security analysis and automation in agentic workflows.
1xn-vmcp
An open-source tool for composing, customizing, and extending multiple Model Context Protocol (MCP) servers into a single logical, virtual MCP server, facilitating fine-grained context-engineering for AI workflows and agents.
opencti_mcp_server
Connects Claude Desktop to OpenCTI's threat intelligence platform for AI-augmented threat intelligence analysis and reporting, enabling natural language queries and context-aware responses.
mcp-cyberbro
This MCP server integrates the Cyberbro threat intelligence platform with LLMs to extract, analyze, and check the reputation of Indicators of Compromise (IoCs).