AUTOMATIONSWITCH
// MCP Server Category

SECURITY MCP SERVERS

Security servers let models interact with security systems through the MCP protocol. Each entry carries an editorial score, security notes, and per-client connection configs.

Servers
9
Avg editorial score
4.1 / 5
Official servers
4
Added this quarter
9
Last re-verified
MAY 7, 2026
Share:
// Top rated

THE THREE TO BEAT

01Top of category
VendorSecurity

Prowler MCP

Prowler

Cloud Security Posture Management (CSPM) platform with 1000+ security checks across multiple cloud providers and 70+ compliance frameworks, exposed through MCP. Three deployment options: Prowler Cloud (recommended), local stdio, self-hosted HTTP. 100 commits on the parent monorepo in the last 30 days. Tools follow a consistent prefix convention: prowler_app_ for Cloud and self-managed App, prowler_hub_ for the security knowledge base, prowler_docs_ for documentation.

8 Tools13,717 Stars
View details →
02Runner up
Official

CrowdStrike Falcon MCP

CrowdStrike

Official CrowdStrike Falcon MCP server. Connect AI agents to CrowdStrike Falcon for automated security analysis and threat hunting. 148 stars and 8 commits on main in the last 30 days. Pairs with Prowler, Auth0, Vault in the security category for incident response flows.

4.4/5
View details →
03Third place
Vendor

Auth0 MCP Server

Auth0

Official Auth0 MCP server connecting Claude, Cursor, Windsurf, VS Code, and Gemini to Auth0 Management APIs. Create apps, deploy Actions, debug logs, and query users with natural-language commands. 11 commits on main in the last 30 days. Currently in beta (0.1.0-beta.11 on npm); Auth0 marks the package as beta software. Strong official-vendor signal balanced against the beta status.

4.3/5
View details →
Type
Sort
9 of 9
// All in category

ALL SECURITY SERVERS

Vendor4.6/5

Prowler MCP

Prowler

Cloud Security Posture Management (CSPM) platform with 1000+ security checks across multiple cloud providers and 70+ compliance frameworks, exposed through MCP. Three deployment options: Prowler Cloud (recommended), local stdio, self-hosted HTTP. 13,717 stars, Apache-2.0.

8 tools · 13,717 ★Details →
Official4.4/5

CrowdStrike Falcon MCP

CrowdStrike

Official CrowdStrike Falcon MCP server. Connect AI agents to CrowdStrike Falcon for automated security analysis and threat hunting. 148 stars and 8 commits on main in the last 30 days.

7 tools · 148 ★Details →
Vendor4.3/5

Auth0 MCP Server

Auth0

Official Auth0 MCP server connecting Claude, Cursor, Windsurf, VS Code, and Gemini to Auth0 Management APIs. Create apps, deploy Actions, debug logs, and query users with natural-language commands. Read-only mode and tool-glob filtering supported. Beta software per Auth0.

8 tools · 106 ★Details →
Official4.2/5

HashiCorp Vault MCP

HashiCorp

Official HashiCorp MCP for Vault: secrets, mounts, KV, and PKI management with stdio and Streamable HTTP transports. 9 commits on main in the last 30 days. MPL-2.0 with HashiCorp official-vendor signal.

9 tools · 45 ★Details →
Official4.1/5

AWS IAM MCP

AWS Labs

Official AWS Labs MCP for IAM administration: users, roles, groups, policies, inline policies, access keys, and policy simulation. Read-only mode supported via --allow-write opt-in pattern. Apache-2.0 within awslabs/mcp monorepo.

7 tools · 8,924 ★Details →
Official4/5

AWS CloudTrail MCP

AWS Labs

Official AWS Labs MCP for CloudTrail: 90 days of management events via lookup_events and Trino-compatible SQL queries against CloudTrail Lake Event Data Stores. 3 commits on the server path in the last 30 days. Pairs with the IAM MCP for security audit workflows.

5 tools · 8,924 ★Details →
Vendor4/5

Infisical MCP

Infisical

Official Infisical MCP server for secrets management. 10 tools cover the full secret lifecycle plus project, environment, folder, and member management. Two authentication methods (machine identity universal-auth and access-token), self-hostable instance support via INFISICAL_HOST_URL.

10 tools · 45 ★Details →
Vendor3.8/5

Trivy MCP

Aqua Security

Official Aqua Security Trivy plugin that turns Trivy scanning capabilities into an MCP server. Distributed as a Trivy plugin: `trivy plugin install mcp`. Three transport modes (stdio, streamable HTTP, SSE), IDE integration for VS Code, Cursor, JetBrains, and Claude Desktop.

4 tools · 37 ★Details →
Vendor3.7/5

Okta MCP Server

Okta

Official Okta IAM MCP. Full CRUD on users, groups, applications, and policies via the Okta Python SDK. Two authentication methods (Device Authorization Grant for interactive use, Private Key JWT for server-to-server) and integration with the MCP Elicitation API for confirming destructive operations.

6 tools · 31 ★Details →
// Related categories

CATEGORIES TO CROSS-REFERENCE

Dev Tools
22 serversAvg 4.3
Productivity
20 serversAvg 4.2
AI / ML
13 serversAvg 4.2
Cloud
12 serversAvg 4.2
Infrastructure
12 serversAvg 4.2
Database
11 serversAvg 4.3
// Stay current

GET THE SECURITY MCP WATCHLIST.

We score a new security MCP the week it ships. Get the update, plus any re-scores when a server changes enough to move its rating. One email per week maximum.

// Tagged mcp-category-security · Unsubscribe any time