SecurityCopilot

Created by jguimera

Integrates with Microsoft Security Copilot and Sentinel to enhance development, testing, and deployment of security artifacts.

About

Facilitates the integration of Microsoft Security Copilot and Sentinel by providing an MCP server built with Python. It streamlines the development, testing, and deployment of Security Copilot artifacts, such as KQL skills and plugins, by acting as a bridge between development environments and the Security Copilot platform. It also supports running KQL queries against Microsoft Sentinel and managing skillsets/plugins within Security Copilot using various authentication methods.

Key Features

  • Runs prompts and skills within Security Copilot.
  • Manages Security Copilot skillsets/plugins (listing, uploading, updating).
  • Executes KQL queries against Microsoft Sentinel.
  • Supports multiple authentication methods (interactive browser, client secret, managed identity).
  • Provides a Cursor MCP client configuration for enhanced integration.

Use Cases

  • Automate the uploading and updating of Security Copilot plugins.
  • Develop, test, and deploy Security Copilot KQL skills.
  • Run prompts and skills in Security Copilot for testing purposes.