Blackpoint
БесплатноНе проверенAn MCP server for Blackpoint Cyber MDR platform, enabling management of security monitoring, threat detection, and incident response through Blackpoint's API.
Описание
An MCP server for Blackpoint Cyber MDR platform, enabling management of security monitoring, threat detection, and incident response through Blackpoint's API.
README
Model Context Protocol (MCP) server for Blackpoint Cyber CompassOne - Managed Detection and Response (MDR) platform.
Features
This MCP server provides access to CompassOne's security capabilities through a decision-tree navigation interface:
Available Domains
- 🏢 Tenants: Customer tenant management
- 💻 Assets: Endpoint and server inventory (endpoint, server, network, cloud, mobile, iot)
- 🔍 Detections: Security detections and telemetry
- 🛡️ Vulnerabilities: Vulnerability management, dark web monitoring, external exposure scanning
Domain Structure
The server uses decision-tree navigation to organize tools:
- Initial State: Navigation tools only (
blackpoint_navigate,blackpoint_status) - Domain Entry: Navigate to a domain to see its specific tools
- Domain Tools: Use domain-specific operations
- Return: Use
blackpoint_backto return to navigation
Tool Naming Convention
All tools follow the pattern: blackpoint_{domain}_{action}
Examples:
blackpoint_assets_list- List assets by classblackpoint_detections_list- List security detectionsblackpoint_vulnerabilities_scans_list- List vulnerability scans
Installation
npm install blackpoint-mcp
Configuration
Environment Variables
| Variable | Description | Required |
|---|---|---|
BLACKPOINT_API_TOKEN |
CompassOne API token | Yes |
BLACKPOINT_BASE_URL |
API base URL (may vary by region/partner) | No |
MCP_TRANSPORT |
Transport mode: stdio or http |
No (default: stdio) |
MCP_HTTP_PORT |
HTTP port for gateway mode | No (default: 8080) |
AUTH_MODE |
Set to gateway for header-based auth |
No |
LOG_LEVEL |
Logging level: debug, info, warn, error | No (default: info) |
Gateway Mode
When AUTH_MODE=gateway, the server reads credentials from HTTP headers:
X-Blackpoint-API-Token→BLACKPOINT_API_TOKEN
This enables per-request authentication for multi-tenant gateways.
Usage
Standalone Mode (stdio)
# Set credentials
export BLACKPOINT_API_TOKEN="your-api-token"
# Run the server
blackpoint-mcp
Gateway Mode (HTTP)
export AUTH_MODE=gateway
export MCP_TRANSPORT=http
export MCP_HTTP_PORT=8080
blackpoint-mcp
Example Tool Calls
// Start by checking available domains
await tools.call("blackpoint_status");
// Navigate to assets domain
await tools.call("blackpoint_navigate", { domain: "assets" });
// List endpoint assets
await tools.call("blackpoint_assets_list", {
class: "endpoint",
pageSize: 10
});
// Get specific asset details
await tools.call("blackpoint_assets_get", {
id: "asset_12345"
});
// Return to navigation
await tools.call("blackpoint_back");
API Coverage
✅ Implemented
| Domain | Tools | Description |
|---|---|---|
| tenants | list, get |
Customer tenant management |
| assets | list, get, relationships, search |
Asset inventory and relationships |
| detections | list, get |
Security detections and telemetry |
| vulnerabilities | list, scans_list, darkweb_list, external_list |
Vuln management, dark web, external exposure |
📋 Planned
| Domain | Status | Notes |
|---|---|---|
| partners | SDK ready | Account management - ready to implement |
| alerts | Models only | API handlers not available in CompassOne wrapper |
| tickets | Models only | API handlers not available in CompassOne wrapper |
| cloud_security | SDK ready | M365/Google/Cisco onboarding - ready to implement |
| notifications | SDK ready | Contact groups and channels - ready to implement |
Partner vs Tenant Scoping
CompassOne uses hierarchical scoping: Partner → Tenants → Assets
- Partner tokens can access all associated tenants
- Tenant-scoped tokens are limited to specific customers
- Always specify
tenantIdparameters to avoid cross-tenant operations
Error Handling
The server provides structured error responses:
{
"content": [{
"type": "text",
"text": "Failed to list assets: Authentication failed"
}],
"isError": true
}
Common error scenarios:
- Authentication: Invalid or expired API token
- Rate Limiting: Automatic retry with exponential backoff
- Not Found: Requested resource doesn't exist
- Validation: Invalid parameters or missing required fields
Rate Limiting
The underlying SDK implements automatic rate limiting:
- Default: 60 requests per minute (1 per second)
- 429 Handling: Honors
Retry-Afterheaders - Backoff: Exponential backoff for subsequent requests
Docker
# Build
docker build -t blackpoint-mcp .
# Run in gateway mode
docker run -p 8080:8080 \
-e AUTH_MODE=gateway \
-e MCP_TRANSPORT=http \
-e MCP_HTTP_PORT=8080 \
blackpoint-mcp
Development
# Install dependencies
npm install
# Run in development mode
npm run dev
# Build
npm run build
# Test
npm test
# Lint
npm run lint
Security Considerations
API Access Requirements
- CompassOne Partner Agreement required for API access
- Partner-tier credentials needed for multi-tenant operations
- Scoped tokens recommended for tenant-specific access
Destructive Operations
The following operations require confirmation (when implemented):
- Asset isolation/response actions
- Ticket status changes with actions
- Alert acknowledgment/closure
- Remediation workflows
These use the elicitConfirmation pattern to prevent accidental execution.
Troubleshooting
Common Issues
No tools showing:
- Check
BLACKPOINT_API_TOKENis set - Verify token has correct scopes
- Check network connectivity to CompassOne API
Gateway mode not working:
- Verify
AUTH_MODE=gatewayis set - Check HTTP headers are passed correctly
- Confirm container networking allows connections
Rate limiting:
- Monitor logs for 429 responses
- Consider reducing request frequency
- Verify token isn't shared across instances
Debug Logging
export LOG_LEVEL=debug
blackpoint-mcp
Health Check
# Test basic connectivity
curl -X POST http://localhost:8080/ \
-H "Content-Type: application/json" \
-H "X-Blackpoint-API-Token: your-token" \
-d '{"jsonrpc": "2.0", "method": "tools/list", "id": 1}'
Contributing
- Fork the repository
- Create a feature branch:
git checkout -b feature-name - Make your changes and add tests
- Follow the domain handler pattern for new capabilities
- Submit a pull request
See CONTRIBUTING.md for detailed guidelines.
License
Apache-2.0 - see LICENSE for details.
Установка Blackpoint
У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.
▸ github.com/wyre-technology/blackpoint-mcpFAQ
Blackpoint MCP бесплатный?
Да, Blackpoint MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Blackpoint?
Нет, Blackpoint работает без API-ключей и переменных окружения.
Blackpoint — hosted или self-hosted?
Доступен hosted-вариант: Unyly запускает сервер в облаке, локальная установка не обязательна.
Как установить Blackpoint в Claude Desktop, Claude Code или Cursor?
Открой Blackpoint на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
GitHub
PRs, issues, code search, CI status
автор: GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
автор: mcpdotdirectCompare Blackpoint with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории development
