Ontolocy Server

Simple proof of concept MCP server to augment an LLM with Ontolocy cyber graph capabilities.

Key technologies:

• Neo4j - for the graph database
• MCP Python SDK - for the MCP server
• PydanticAI - for the client (which connects to the MCP server)
• Neontology - Interacting with Neo4j using pydantic models
• Ontolocy - Cyber graph ontology and tooling built with Neontology

Quickstart

Pre-Requisites

Install dependencies with uv:

uv sync

Make sure you have a .env file which specifies:

FASTMCP_PORT=8008

OPENAI_API_KEY=<YOUR API KEY>

NEO4J_URI="neo4j://localhost:7687"
NEO4J_USERNAME=neo4j
NEO4J_PASSWORD=<YOUR NEO4J PASSWORD>

Ensure your Neo4j database is running and accessible. Be warned, the LLM may run arbitrary queries against it!

Populate the Graph

Use Ontolocy to populate the graph with MITRE ATT&CK data from the official github repo.

uv run ontolocy parse mitre-attack

Start the Server

uv run server.py

This will make the MCP server available on the port configured in the .env file (e.g.8008).

Use the CLI Client

uv run mcp_sse_client.py lookup mitre attack technique T1090 in the ontolocy cyber graph