
Air MCP

Bridges to the Binalyze AIR digital forensics platform, providing endpoint security management through an MCP server.

Category: Security Attestation MCP Servers
Tags: security, forensics, endpoint-management, integration


Description

Air MCP is a Node.js server that implements the Model Context Protocol (MCP) for the Binalyze AIR digital forensics platform. It acts as a bridge between large language models (LLMs) and AIR, enabling natural language interaction with AIR's digital forensics and incident response functions. This allows users to manage endpoint security and forensics tasks without writing code or learning complex APIs.


Features

  • Natural Language Interaction: Enables users to interact with Binalyze AIR forensics and incident response via natural language commands through supported MCP clients.
  • Endpoint Management: List, manage, and retrieve details about endpoints; assign tasks such as acquisition, reboot, shutdown, isolation, and log retrieval.
  • Acquisition Profiles and Artifacts: List, create, update, and retrieve acquisition profiles and artifacts for evidence collection, organized by platform and category.
  • Evidence Management: Assign acquisition and imaging tasks, list and manage evidence items, and export evidence data.
  • Case Management: Create, update, archive, and manage cases; manage case notes, activities, endpoints, tasks, and associated users.
  • Task Management: List, assign, update, cancel, and delete forensic and triage tasks; manage task assignments and retrieve detailed task information.
  • Policy Management: Create, update, delete, and manage security and collection policies; view policy statistics and matches by platform and endpoint status.
  • Triage Rules and Tags: List, create, update, validate, and delete triage rules and tags (YARA, OSQuery, Sigma) for threat detection.
  • Asset Tagging: Create, update, list, and manage auto asset tag rules; start auto-tagging processes for assets based on conditions.
  • Baseline Acquisition and Comparison: Acquire and compare baselines for endpoints and cases, and generate comparison reports.
  • E-discovery Patterns: List available patterns for file type detection.
  • Evidence Repository Management: Manage evidence repositories (SMB, SFTP, FTPS, Azure Storage, Amazon S3), including creation, validation, update, and deletion.
  • Audit Logs: Export and list audit logs, including timestamp, user, action, and entity details.
  • Organization Management: Create, update, and delete organizations; manage users and tags for organizations.
  • Webhook Integration: Call and post to webhooks with specified data and tokens.
  • System Banner Message: Update system-wide banner messages.
  • Authentication: Requires an API token (via AIR_API_TOKEN environment variable) for secure access.

Pricing

No pricing information is provided in the available content. Air MCP is open source and available on GitHub.

Information

Website: github.com
Published: May 14, 2025

Similar Products

Defectdojo Mcp

Bridges to the DefectDojo vulnerability management system, enabling interaction with security findings, products, and engagements via the Model Context Protocol. Relevant as an MCP server integration for security workflows.

atomicchonk/roadrecon_mcp_server

MCP server designed for analyzing ROADrecon gather results from Azure tenant enumeration, illustrating specialized security analysis via MCP servers.

Attestable Server

MCP server running inside a trusted execution environment (TEE) via Gramine, showcasing remote attestation using RA-TLS.

automated-bod-25-01-cisa-microsoft-policies-mcp

A Model Context Protocol (MCP) server to enforce CISA BOD 25-01 security controls for Microsoft 365 via Microsoft Graph API, enabling automated policy management and compliance monitoring.

Bloodhound MCP

Enables security professionals to analyze Active Directory and Azure AD environments through natural language queries by connecting to BloodHound's Neo4j database. Provides a concrete MCP server example for security/IT. (Merged with 'Bloodhound MCP AI')

co-browser/attestable-mcp-server

An MCP server running inside a trusted execution environment, enabling remote attestation and secure server verification for MCP clients.