automated-bod-25-01-cisa-microsoft-policies-mcp
A Model Context Protocol (MCP) server to enforce CISA BOD 25-01 security controls for Microsoft 365 via Microsoft Graph API, enabling automated policy management and compliance monitoring.
About this tool
Category: security-attestation-mcp-servers
Tags: mcp, security, compliance, microsoft-365
Source: GitHub Repository
Description
A Model Context Protocol (MCP) server that enforces CISA Binding Operational Directive 25-01 security controls for Microsoft 365 (Azure AD/Entra ID) environments. It integrates with the Microsoft Graph API to automate policy management, compliance monitoring, and reporting for Microsoft 365 security configurations.
Features
- Automated Enforcement of CISA BOD 25-01 Controls: Implements required security controls for Microsoft 365, including:
  - Block legacy authentication (MS.AAD.1.1v1)
  - Block high-risk users and sign-ins (MS.AAD.2.1v1 & MS.AAD.2.3v1)
  - Enforce and configure MFA (MS.AAD.3.1v1, MS.AAD.3.2v1, MS.AAD.3.3v1)
  - Application controls (MS.AAD.5.1v1 - MS.AAD.5.4v1)
  - Password policy enforcement (MS.AAD.6.1v1)
  - Privileged role management (MS.AAD.7.1v1 - MS.AAD.7.8v1)
- Integration with Microsoft Graph API: Uses Graph API for direct policy management and status retrieval.
- Compliance Monitoring: Monitors and reports on the compliance status of all enforced policies.
- API Tools and Endpoints:
  - block_legacy_auth: Block legacy authentication methods
  - block_high_risk_users: Block high-risk users
  - enforce_phishing_resistant_mfa: Ensure phishing-resistant MFA is enabled
  - configure_global_admins: Manage global admin role assignments
  - get_policy_status: Retrieve current status of all security policies
- Comprehensive Error Handling: Handles authentication, API, validation, and runtime errors with structured responses.
- Extensible Architecture: Modular components including server class, authentication, Graph client, and tools.
- Installation via Smithery: Can be installed and configured automatically using Smithery or manually.
- Security Considerations: Focuses on authentication, API access, and data protection.
- Open Source: Licensed under MIT.
Pricing
No pricing information is provided; the project is open source under the MIT license.
Similar Products
6 result(s)
An MCP server exposing Conveyor’s security review and questionnaire automation platform to MCP-compatible agents, enabling programmatic access to security review workflows.
MCP server designed for analyzing ROADrecon gather results from Azure tenant enumeration, illustrating specialized security analysis via MCP servers.
An MCP server running inside a trusted execution environment, enabling remote attestation and secure server verification for MCP clients.
A compliance-focused MCP server platform ideal for HIPAA-regulated and security-sensitive apps, offering production-ready infrastructure and robust security features.
A secure MCP server for executing shell commands with robust security controls, enabling protected command-line operations. Directly relevant as a widely-used MCP server for secure CLI automation.
An MCP server offering secure, sandboxed environments for executing code, running commands, accessing files, and performing web operations through containerization and isolation technologies.