SOAR MCP Server 是一个创新的安全编排平台集成解决方案，通过 Model Context Protocol 将 SOAR (Security Orchestration, Automation and Response) 能力直接集成到各种 AI 客户端中，包括 Claude Desktop、Cherry Studio、Cursor、Trae 等。它提供了完整的安全事件管理、剧本执行、威胁情报查询等功能，让 AI 助手具备专业的网络安全响应能力。

Fully automated, end-to-end SOC pipeline showcasing proficiency in SOAR (n8n), SIEM (Splunk), and AI Engineering. The workflow automates alert detection, enrichment (VirusTotal/AbuseIPDB), LLM triage (OpenAI/Claude MCP), and creates persistent case management tickets in DFIR-IRIS to drastically reduce MTTR.

Soar Debugger Adapter, LSP Server, and Soar MCP VS Code extension

MCP server for Tracecat SOAR platform — 44 tools for workflows, actions, cases, executions, secrets, tables, schedules & more

Expert Claude Code skills for building Tracecat SOAR workflows — action configuration, case management, workflow patterns, integrations & MCP tools guidance

基于Model Context Protocol (MCP)的 SOAR平台集成服务器，为 Claude Desktop、Cherry Studio、Cursor、Trae等基于大模型的MCP Client提供安全编排、自动化和响应领域的Playbook剧本能力。

Exposes Splunk SOAR as an MCP (Model Context Protocol) server endpoint. Claude Desktop, Claude Code, or any MCP-compatible AI client connects directly to SOAR and uses analyst-focused tools to read cases, artifacts, playbooks, and optionally write notes or run playbooks. Configure tools directly via the asset configuration checkboxes below.

No description available

No description available

MCP Server for Splunk SOAR - Connect AI assistants to any Splunk SOAR instance with configurable base URL and authentication token

Implements a MCP Server for IBM QRadar SOAR