Query and update ThreatLocker Portal data to automate security operations.
Copy the install command and let the AI configure it · recommended for beginners
No copy-paste install info for "ThreatLocker MCP" yet — see the docs or source repo.
Using ThreatLocker MCP, retrieve endpoint security status, policy alerts, and unresolved incidents from the last 24 hours, then summarize them by risk level.
A list of endpoint security statuses, alert summaries, and a risk-level breakdown.
Using ThreatLocker MCP, add an application allowlisting policy for finance department devices to permit a specified app, and report the change result and affected scope.
A policy creation or update result, affected device scope, and any conflict warnings.
Using ThreatLocker MCP, review current high-risk policy exceptions, list the owner, creation time, and reason for each, and provide actionable remediation recommendations.
An audit report of high-risk exceptions with prioritized remediation recommendations.
Triage RocketCyber alerts, track MTTR, and analyze security posture.
Sync ConnectWise Automate data to SQLite for offline cross-client RMM analysis.
Access email threats, investigate cases, and generate reports in terminal or AI agents.
Let your AI agent manage PagerDuty alerts, incidents, and on-call workflows.
Sync Veeam console tenants to local SQLite for offline backup insights.
Triage backups, detect stale snapshots, and analyze backup health across engines.
Query Proofpoint threats, clickers, and IOCs from the terminal with local storage.
Query threat intelligence and trace incidents for faster security triage automation.
Capture and analyze network packets to detect threats and vulnerability signals.
Secure MCP servers with policy checks, redaction, access control, and audit logs
Gate MCP agent actions through compliance policies before execution.
Coordinate exclusive resource claiming, releasing, and listing across multiple AI agents.