splunk-soar-mcp-connector
by shanto12
Overview
Enables AI assistants to interact with Splunk SOAR instances for security operations and automation via the Model Context Protocol (MCP).
Installation
python mcp_server.pyEnvironment Variables
- SPLUNK_SOAR_URL
- SPLUNK_SOAR_TOKEN
Security Notes
The server uses `ssl.create_unverified_context()` which disables SSL certificate validation, making API communication vulnerable to Man-in-the-Middle (MITM) attacks. While noted for self-signed certificates, this is a critical security flaw for production environments handling sensitive security data. Additionally, the `mcp_server_remote.py` listens on `0.0.0.0` and would require careful exposure (e.g., secure reverse proxy with proper SSL and network segmentation) if used publicly, further exacerbating the initial SSL issue. No hardcoded secrets or 'eval' statements were found.
Similar Servers
burp-mcp-agents
Connects Burp Suite MCP Server to AI backends (Codex, Gemini, Ollama, LM Studio) for assisted, non-destructive vulnerability analysis using real Burp traffic.
dependency-management-mcp-server
Connects AI assistants to Sonatype's dependency management and security intelligence platform for real-time insights into open source security, license compliance, and dependency health within the development workflow.
VibeShift
VibeShift is an intelligent security agent that integrates with AI coding assistants to analyze AI-generated code for vulnerabilities, suggest remediations, and facilitate web test recording, crawling, and execution.
mcp-pentest
An AI-driven middleware to orchestrate and manage penetration testing tools and engagements.