|
628 | 628 | ], |
629 | 629 | "transport": "stdio" |
630 | 630 | }, |
| 631 | + "crowdstrike-falcon": { |
| 632 | + "args": [ |
| 633 | + "--transport", |
| 634 | + "streamable-http", |
| 635 | + "--host", |
| 636 | + "0.0.0.0", |
| 637 | + "--port", |
| 638 | + "8000" |
| 639 | + ], |
| 640 | + "description": "Connects AI agents with the CrowdStrike Falcon platform for intelligent security analysis, providing programmatic access to detections, incidents, behaviors, threat intelligence, hosts, vulnerabilities, and identity protection capabilities.", |
| 641 | + "env_vars": [ |
| 642 | + { |
| 643 | + "description": "CrowdStrike API client ID", |
| 644 | + "name": "FALCON_CLIENT_ID", |
| 645 | + "required": true, |
| 646 | + "secret": true |
| 647 | + }, |
| 648 | + { |
| 649 | + "description": "CrowdStrike API client secret", |
| 650 | + "name": "FALCON_CLIENT_SECRET", |
| 651 | + "required": true, |
| 652 | + "secret": true |
| 653 | + }, |
| 654 | + { |
| 655 | + "description": "CrowdStrike API base URL (e.g., https://api.crowdstrike.com, https://api.us-2.crowdstrike.com, https://api.eu-1.crowdstrike.com)", |
| 656 | + "name": "FALCON_BASE_URL", |
| 657 | + "required": true |
| 658 | + }, |
| 659 | + { |
| 660 | + "description": "Comma-separated list of modules to enable (detections,incidents,intel,hosts,spotlight,cloud,idp). If not set, all modules are enabled.", |
| 661 | + "name": "FALCON_MCP_MODULES", |
| 662 | + "required": false |
| 663 | + }, |
| 664 | + { |
| 665 | + "description": "Enable debug logging - true or false (default: false)", |
| 666 | + "name": "FALCON_MCP_DEBUG", |
| 667 | + "required": false |
| 668 | + } |
| 669 | + ], |
| 670 | + "image": "quay.io/crowdstrike/falcon-mcp:latest", |
| 671 | + "metadata": { |
| 672 | + "last_updated": "2025-08-01T15:03:12Z", |
| 673 | + "pulls": 2049, |
| 674 | + "stars": 30 |
| 675 | + }, |
| 676 | + "permissions": { |
| 677 | + "network": { |
| 678 | + "outbound": { |
| 679 | + "allow_host": [ |
| 680 | + "api.crowdstrike.com", |
| 681 | + "api.us-2.crowdstrike.com", |
| 682 | + "api.eu-1.crowdstrike.com", |
| 683 | + "api.laggar.gcw.crowdstrike.com" |
| 684 | + ], |
| 685 | + "allow_port": [ |
| 686 | + 443 |
| 687 | + ], |
| 688 | + "insecure_allow_all": false |
| 689 | + } |
| 690 | + }, |
| 691 | + "read": [], |
| 692 | + "write": [] |
| 693 | + }, |
| 694 | + "repository_url": "https://github.com/crowdstrike/falcon-mcp", |
| 695 | + "status": "Active", |
| 696 | + "tags": [ |
| 697 | + "crowdstrike", |
| 698 | + "falcon", |
| 699 | + "security", |
| 700 | + "cybersecurity", |
| 701 | + "threat-intelligence", |
| 702 | + "detections", |
| 703 | + "incidents", |
| 704 | + "vulnerabilities", |
| 705 | + "endpoint-security", |
| 706 | + "threat-hunting", |
| 707 | + "incident-response", |
| 708 | + "malware-analysis", |
| 709 | + "identity-protection", |
| 710 | + "cloud-security" |
| 711 | + ], |
| 712 | + "target_port": 8000, |
| 713 | + "tier": "Official", |
| 714 | + "tools": [ |
| 715 | + "falcon_check_connectivity", |
| 716 | + "falcon_get_available_modules", |
| 717 | + "falcon_search_detections", |
| 718 | + "falcon_get_detection_details", |
| 719 | + "falcon_show_crowd_score", |
| 720 | + "falcon_search_incidents", |
| 721 | + "falcon_get_incident_details", |
| 722 | + "falcon_search_behaviors", |
| 723 | + "falcon_get_behavior_details", |
| 724 | + "falcon_search_actors", |
| 725 | + "falcon_search_indicators", |
| 726 | + "falcon_search_reports", |
| 727 | + "falcon_search_hosts", |
| 728 | + "falcon_get_host_details", |
| 729 | + "falcon_search_vulnerabilities", |
| 730 | + "falcon_search_kubernetes_containers", |
| 731 | + "falcon_count_kubernetes_containers", |
| 732 | + "falcon_search_images_vulnerabilities", |
| 733 | + "idp_investigate_entity" |
| 734 | + ], |
| 735 | + "transport": "streamable-http" |
| 736 | + }, |
631 | 737 | "elasticsearch": { |
632 | 738 | "args": [ |
633 | 739 | "http" |
|
767 | 873 | ], |
768 | 874 | "transport": "stdio" |
769 | 875 | }, |
770 | | - "falcon": { |
771 | | - "args": [], |
772 | | - "description": "Connects AI agents with the CrowdStrike Falcon platform for intelligent security analysis, providing programmatic access to detections, incidents, behaviors, threat intelligence, hosts, vulnerabilities, and identity protection capabilities.", |
773 | | - "env_vars": [ |
774 | | - { |
775 | | - "description": "CrowdStrike API client ID", |
776 | | - "name": "FALCON_CLIENT_ID", |
777 | | - "required": true, |
778 | | - "secret": true |
779 | | - }, |
780 | | - { |
781 | | - "description": "CrowdStrike API client secret", |
782 | | - "name": "FALCON_CLIENT_SECRET", |
783 | | - "required": true, |
784 | | - "secret": true |
785 | | - }, |
786 | | - { |
787 | | - "description": "CrowdStrike API base URL (e.g., https://api.crowdstrike.com, https://api.us-2.crowdstrike.com, https://api.eu-1.crowdstrike.com)", |
788 | | - "name": "FALCON_BASE_URL", |
789 | | - "required": true |
790 | | - }, |
791 | | - { |
792 | | - "description": "Comma-separated list of modules to enable (detections,incidents,intel,hosts,spotlight,cloud,idp). If not set, all modules are enabled.", |
793 | | - "name": "FALCON_MCP_MODULES", |
794 | | - "required": false |
795 | | - }, |
796 | | - { |
797 | | - "description": "Transport method - stdio, sse, or streamable-http (default: stdio)", |
798 | | - "name": "FALCON_MCP_TRANSPORT", |
799 | | - "required": false |
800 | | - }, |
801 | | - { |
802 | | - "description": "Enable debug logging - true or false (default: false)", |
803 | | - "name": "FALCON_MCP_DEBUG", |
804 | | - "required": false |
805 | | - }, |
806 | | - { |
807 | | - "description": "Host for HTTP transports (default: 127.0.0.1)", |
808 | | - "name": "FALCON_MCP_HOST", |
809 | | - "required": false |
810 | | - }, |
811 | | - { |
812 | | - "description": "Port for HTTP transports (default: 8000)", |
813 | | - "name": "FALCON_MCP_PORT", |
814 | | - "required": false |
815 | | - } |
816 | | - ], |
817 | | - "image": "quay.io/crowdstrike/falcon-mcp:latest", |
818 | | - "metadata": { |
819 | | - "last_updated": "2025-08-11T00:00:00Z", |
820 | | - "pulls": 1, |
821 | | - "stars": 30 |
822 | | - }, |
823 | | - "permissions": { |
824 | | - "network": { |
825 | | - "outbound": { |
826 | | - "allow_host": [], |
827 | | - "allow_port": [], |
828 | | - "insecure_allow_all": true |
829 | | - } |
830 | | - }, |
831 | | - "read": [], |
832 | | - "write": [] |
833 | | - }, |
834 | | - "repository_url": "https://github.com/crowdstrike/falcon-mcp", |
835 | | - "status": "Active", |
836 | | - "tags": [ |
837 | | - "crowdstrike", |
838 | | - "falcon", |
839 | | - "security", |
840 | | - "cybersecurity", |
841 | | - "threat-intelligence", |
842 | | - "detections", |
843 | | - "incidents", |
844 | | - "vulnerabilities", |
845 | | - "endpoint-security", |
846 | | - "threat-hunting", |
847 | | - "incident-response", |
848 | | - "malware-analysis", |
849 | | - "identity-protection", |
850 | | - "cloud-security" |
851 | | - ], |
852 | | - "tier": "Official", |
853 | | - "tools": [ |
854 | | - "falcon_check_connectivity", |
855 | | - "falcon_get_available_modules", |
856 | | - "falcon_search_detections", |
857 | | - "falcon_get_detection_details", |
858 | | - "falcon_show_crowd_score", |
859 | | - "falcon_search_incidents", |
860 | | - "falcon_get_incident_details", |
861 | | - "falcon_search_behaviors", |
862 | | - "falcon_get_behavior_details", |
863 | | - "falcon_search_actors", |
864 | | - "falcon_search_indicators", |
865 | | - "falcon_search_reports", |
866 | | - "falcon_search_hosts", |
867 | | - "falcon_get_host_details", |
868 | | - "falcon_search_vulnerabilities", |
869 | | - "falcon_search_kubernetes_containers", |
870 | | - "falcon_count_kubernetes_containers", |
871 | | - "falcon_search_images_vulnerabilities", |
872 | | - "idp_investigate_entity" |
873 | | - ], |
874 | | - "transport": "stdio" |
875 | | - }, |
876 | 876 | "fetch": { |
877 | 877 | "args": [], |
878 | 878 | "description": "Allows you to fetch content from the web", |
|
0 commit comments