Enrichment icon

Enrichment

Enriches data from multiple security products using a Model Context Protocol server.

About

This tool provides an MCP server implementation for enriching observable data using various third-party security services like VirusTotal, Hybrid Analysis, and AlienVault. It leverages the security-cli Python package to perform enrichment and communicate with these services, enabling easy integration with the Model Context Protocol and providing valuable context for security investigations.

Key Features

  • Supports multiple observable types (IP, Domain, URL, Email)
  • Uses security-cli for service communication and configuration
  • Integrates with various security services (VirusTotal, HybridAnalysis, AlienVault, etc.)
  • Configurable via YAML and environment variables
  • Provides customizable prompt templates for different services
  • 0 GitHub stars

Use Cases

  • Investigating suspicious IPs, domains, and URLs
  • Enriching security alerts with threat intelligence data
  • Providing contextual information for security incidents
Craft Better Prompts with AnyPrompt