Monitor threat intel, analyze IOCs, and investigate security incidents in real time.
Copy the install command and let the AI configure it · recommended for beginners
No copy-paste install info for "ThreatWatch MCP" yet — see the docs or source repo.
Monitor the latest threat alerts, rank them by severity, and summarize the source, affected assets, related IOCs, and recommended response steps for each alert.
A prioritized alert list with key summaries and recommended response actions.
Analyze the following IOCs (IPs, domains, hashes), combine intelligence from multiple sources, assess maliciousness, identify related activity and possible threat families, and provide investigation recommendations.
An IOC analysis report with reputation assessment, related clues, risk notes, and next investigation steps.
Using the current alerts and IOC results, map the incident timeline, possible attack path, impact scope, and list hypotheses that need further validation.
A structured incident investigation summary with timeline, suspected attack chain, impact assessment, and validation items.
Query threat intelligence and trace incidents for faster security triage automation.
Investigate threat indicators via urlscan and VirusTotal with compact structured results.
Retrieve normalized OpenCTI threat intelligence with context for indicators, actors, and reports.
Query Wazuh in natural language for triage, hunting, audits, and response.
Investigate threats and respond to incidents across security data with natural language.
Query vulnerability intelligence, risk scores, and attack-surface data for security decisions.