Response Server
БесплатноНе проверенEnables agentic SecOps by executing Microsoft Defender XDR response actions (device isolation, antivirus scans, forensic collection, incident management) throug
Описание
Enables agentic SecOps by executing Microsoft Defender XDR response actions (device isolation, antivirus scans, forensic collection, incident management) through natural language with orchestrators like GitHub Copilot.
README
A Model Context Protocol (MCP) server that enables agentic SecOps using orchestrators like VS Code with GitHub Copilot to execute Microsoft Defender XDR response actions. Deployed to Azure Container Apps for secure, authenticated, cloud-based access.
Overview
This MCP server exposes Microsoft Defender XDR capabilities as tools for agentic SecOps workflows. Security analysts use natural language through orchestrators like GitHub Copilot to manage incidents, isolate compromised devices, run antivirus scans, collect forensic packages, and execute incident response actions.
Showcase - https://markolauren.github.io/ResponseMCP/response-mcp-showcase.html
Works in Tandem with Sentinel MCP
This Response MCP server works in tandem with the Sentinel MCP server to provide a complete agentic SecOps workflow:
Sentinel MCP: Data exploration and threat triage
- Query security logs with KQL
- Investigate alerts and run hunting queries
- Analyze attack patterns and indicators
- Entity analysis
Response MCP (this server): Incident response and remediation
- Execute device response actions (isolate, restrict, quarantine)
- Take identity response actions (disable accounts, reset passwords)
- Manage incidents (classify, assign, comment)
Together, they enable end-to-end incident response: from detection and triage to containment and remediation, all through natural language interactions and agentic orchestration.
Example interactions:
- "Check the status of device WORKSTATION-01"
- "Isolate the compromised laptop immediately"
- "Run a full antivirus scan on the server"
- "Show me recent response actions on this device"
Architecture
┌─────────────────┐ ┌──────────────────────┐
│ VS Code + │────SSE────────▶│ Azure Container App │
│ GitHub Copilot │ X-API-Key │ (Response MCP) │
└─────────────────┘ Authentication└──────────────────────┘
│
│ Client Credentials
│ (Service Principal)
│
┌───────────────────┴───────────────────┐
▼ ▼
┌─────────────────────────────┐ ┌─────────────────────────────┐
│ Microsoft Defender │ │ Microsoft Graph API │
│ for Endpoint │ │ - Incident management │
│ - Device response actions │ │ - Identity actions (MDI) │
│ - Investigation packages │ └─────────────────────────────┘
└─────────────────────────────┘
SSE (Server-Sent Events): A web standard that maintains a persistent HTTP connection, allowing the MCP server to stream real-time responses back to the AI assistant.
Available Tools
Device Response Actions (Defender for Endpoint)
| Tool | Description |
|---|---|
echo |
Test server connectivity |
get_machine_by_name |
Find device by hostname |
get_machine_actions |
List response action history |
isolate_device |
Isolate device from network |
release_device |
Release device from isolation |
run_antivirus_scan |
Initiate Quick or Full AV scan |
stop_and_quarantine |
Stop process and quarantine file |
restrict_code_execution |
Block unsigned applications |
remove_code_restriction |
Remove code restrictions |
collect_investigation_package |
Collect forensic data |
get_investigation_package_uri |
Get download URL for investigation package |
isolate_multiple |
Bulk isolate multiple devices |
Identity Response Actions (Defender for Identity & Entra ID)
| Tool | Description | Provider |
|---|---|---|
disable_ad_account |
Disable Active Directory account | Active Directory |
enable_ad_account |
Re-enable Active Directory account | Active Directory |
force_ad_password_reset |
Force user to change password at next logon | Active Directory |
revoke_entra_sessions |
Revoke all Entra ID sessions and refresh tokens | Entra ID |
confirm_user_compromised |
Mark user as compromised in Identity Protection | Entra ID |
confirm_user_safe |
Dismiss user risk (mark as safe) in Identity Protection | Entra ID |
Incident Management
| Tool | Description |
|---|---|
update_incident_status |
Mark incident as active/resolved |
assign_incident |
Assign incident to analyst |
classify_incident |
Set classification (TP/FP) and determination |
add_incident_tags |
Add custom tags for categorization |
add_incident_comment |
Add investigation comments |
Prerequisites
1. Entra ID App Registration
Steps:
- Navigate to Azure Portal > Entra ID > App Registrations > New registration
- Name:
Response MCP Server(or your preferred name) - Supported account types: Accounts in this organizational directory only
- Click Register
- Name:
- Save these values (needed for deployment):
- Application (client) ID
- Directory (tenant) ID
- Create a client secret:
- Go to Certificates & secrets > New client secret
- Description:
Response MCP Secret - Expires: Choose expiration period (e.g., 12 months)
- Click Add
- Copy the secret value immediately (shown only once)
- Add API permissions:
- Go to API permissions > Add a permission
- Add the permissions listed below
- Grant admin consent for all permissions
Required Permissions
WindowsDefenderATP (Defender for Endpoint)
| Permission | Type | Description |
|---|---|---|
Machine.ReadWrite.All |
Application | Read machine actions and get investigation package URIs |
Machine.Isolate |
Application | Isolate/release machines |
Machine.Scan |
Application | Run antivirus scans |
Machine.StopAndQuarantine |
Application | Stop and quarantine files |
Machine.RestrictExecution |
Application | Restrict/unrestrict code execution |
Machine.CollectForensics |
Application | Collect investigation packages |
Microsoft Graph API
| Permission | Type | Description |
|---|---|---|
SecurityAlert.ReadWrite.All |
Application | Read and update security alerts |
SecurityIdentitiesAccount.Read.All |
Application | Read identity accounts from MDI |
SecurityIdentitiesActions.ReadWrite.All |
Application | Invoke actions on identity accounts |
SecurityIncident.ReadWrite.All |
Application | Read and update security incidents |
User.Read.All |
Application | Resolve UPNs to user IDs |
User.RevokeSessions.All |
Application | Revoke user sessions |
IdentityRiskyUser.ReadWrite.All |
Application | Mark users as compromised in Identity Protection |
2. Azure Subscription
For deploying to Azure Container Apps.
Azure Infrastructure:
┌─────────────────────────────────────────────────────────────┐
│ Resource Group: response-mcp-rg │
│ │
│ ┌────────────────────────────────────────────────────┐ │
│ │ Container Apps Environment │ │
│ │ - Managed Kubernetes infrastructure │ │
│ │ - Auto-scaling (min: 0, max: 3 replicas) │ │
│ │ │ │
│ │ ┌──────────────────────────────────────────┐ │ │
│ │ │ Container App: response-mcp │ │ │
│ │ │ - SSE endpoint on port 8000 │ │ │
│ │ │ - API key authentication │ │ │
│ │ │ - Environment secrets (Defender creds) │ │ │
│ │ │ - HTTPS ingress │ │ │
│ │ └──────────────────────────────────────────┘ │ │
│ │ │ │
│ └────────────────────────────────────────────────────┘ │
│ │
│ ┌────────────────────────────────────────────────────┐ │
│ │ Azure Container Registry (Basic) │ │
│ │ - Stores Docker images │ │
│ │ - ACR Tasks for cloud builds │ │
│ └────────────────────────────────────────────────────┘ │
│ │
│ ┌────────────────────────────────────────────────────┐ │
│ │ Log Analytics Workspace │ │
│ │ - Container App logs │ │
│ │ - Request/response tracing │ │
│ │ - 30-day retention │ │
│ └────────────────────────────────────────────────────┘ │
│ │
└─────────────────────────────────────────────────────────────┘
Deployment to Azure Container Apps
Prerequisites
- Azure CLI (v2.20.0+) - Install or
winget install Microsoft.AzureCLI - Bicep - Included with Azure CLI, upgrade with
az bicep upgradeif needed - Authenticated - Run
az loginbefore deployment - Entra ID App Registration with required API permissions (see Prerequisites section above)
- Azure subscription with permission to create resources
Step 1: Deploy Infrastructure (One-Time Setup)
Deploy the Azure infrastructure (Container Registry, Log Analytics, Container App environment):
.\infra\deploy-infrastructure.ps1 `
-ResourceGroup "response-mcp-rg" `
-Location "westeurope" `
-DefenderClientId "your-app-client-id" `
-DefenderClientSecret (ConvertTo-SecureString "your-client-secret" -AsPlainText -Force) `
-DefenderTenantId "your-tenant-id"
What happens:
- Creates resource group, Azure Container Registry, Log Analytics workspace
- Deploys Container App with managed environment and auto-scaling
- Auto-generates MCP API key and configures it as a secret
- Outputs SSE endpoint URL and displays the API key (save it - won't be shown again!)
Optional: Provide your own API key:
-McpApiKey (ConvertTo-SecureString "your-custom-api-key" -AsPlainText -Force)
Step 2: Build and Deploy Container
Build the Docker image and deploy it to the Container App:
.\infra\deploy-container.ps1 -ResourceGroup "response-mcp-rg"
What happens:
- Builds Docker image in Azure Container Registry (cloud build - no local Docker required)
- Uploads source code to Azure
- Builds container image on Azure infrastructure
- Creates new revision with timestamp
- Updates Container App and activates the new revision
Note: Docker Desktop is not required - the build happens entirely in Azure using ACR Tasks.
For subsequent updates: Just run Step 2 again to deploy code changes.
Step 3: Configure VS Code
Add to your MCP settings:
{
"mcpServers": {
"response-mcp": {
"type": "sse",
"url": "https://your-app.azurecontainerapps.io/sse",
"headers": {
"X-API-Key": "<API-KEY-FROM-STEP-1>"
}
}
}
}
Replace the URL and API key with values from Step 1 output.
Security Hardening: IP Allowlist (Recommended)
Restrict access to your Container App from specific IP addresses:
Allow a single IP:
az containerapp ingress access-restriction set `
--name <your-container-app-name> `
--resource-group response-mcp-rg `
--rule-name "AllowMyIP" `
--action Allow `
--ip-address "203.0.113.42/32" `
--description "My workstation"
Allow multiple IPs or ranges:
# Add office network
az containerapp ingress access-restriction set `
--name <your-container-app-name> `
--resource-group response-mcp-rg `
--rule-name "AllowOffice" `
--action Allow `
--ip-address "203.0.113.0/24" `
--description "Office network"
# Add VPN endpoint
az containerapp ingress access-restriction set `
--name <your-container-app-name> `
--resource-group response-mcp-rg `
--rule-name "AllowVPN" `
--action Allow `
--ip-address "198.51.100.10/32" `
--description "VPN gateway"
List current rules:
az containerapp ingress access-restriction list `
--name <your-container-app-name> `
--resource-group response-mcp-rg `
-o table
Remove a rule:
az containerapp ingress access-restriction remove `
--name <your-container-app-name> `
--resource-group response-mcp-rg `
--rule-name "AllowMyIP"
Note: IP restrictions are evaluated in order. Ensure you don't lock yourself out - test from allowed IPs before removing unrestricted access.
Security Considerations
| Layer | Protection |
|---|---|
| Transport | HTTPS/TLS encryption |
| Authentication | API key in X-API-Key header |
| Network | IP allowlist on Container App (standard) |
| Network (Advanced) | VNet integration + Private Link/VPN (optional) |
| Secrets | Stored in Azure Container App secrets |
| Defender API | Service principal with least privilege |
Standard Security (Current Deployment):
- Public endpoint with IP allowlist restrictions
- API key authentication
- HTTPS/TLS encryption
- Suitable for most organizations
Advanced Security (VNet Deployment):
For organizations requiring private network access, deploy the Container App into a VNet:
Benefits:
- Private-only access (no public internet exposure)
- Access via VPN Gateway, ExpressRoute, or Azure Bastion
- Network Security Groups (NSGs) and firewall rules
- Compliance with strict network isolation policies
Requirements:
- Custom VNet with delegated subnet for Container Apps
- VPN Gateway (~$140/month) or ExpressRoute for remote access
- Container Apps Environment with VNet integration (
internal: true) - Higher base costs (~$200+/month for workload profiles)
When to use:
- Corporate policy requires all traffic through VPN/ExpressRoute
- No public internet endpoints allowed
- Need to access private Azure services (SQL Database with private endpoints)
- Compliance requirements mandate network isolation
Not recommended if:
- Accessing from individual analyst workstations (IP allowlist is simpler)
- Cost-sensitive environments
- Standard internet connectivity is acceptable
See Azure Container Apps VNet integration for implementation details.
Recommendations:
- Rotate API keys regularly
- Use IP allowlisting for production environments (easiest)
- Consider VNet deployment only if required by policy/compliance
- Monitor Container App logs for suspicious activity
- Grant only required Defender API permissions
- Rotate client secrets regularly
- Never commit API keys to source control
Cost Estimate
Estimated monthly Azure costs: ~$12-18/month for typical usage (few analysts, business hours only). Scale-to-zero enabled to minimize idle costs. Costs increase with 24/7 operations (~$30-40/month) or higher log retention.
Troubleshooting
Connection refused:
- Check Container App is running:
az containerapp show --name your-app -g your-rg - Verify network connectivity to Azure
401 Unauthorized:
- Verify your API key is correct
- Check the
X-API-Keyheader is being sent - Ensure
MCP_API_KEYis set in Container App environment
Defender API errors:
- Verify app registration permissions and admin consent
- Check client secret hasn't expired
- Ensure service principal has required Defender API permissions
License
MIT
Установка Response Server
У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.
▸ github.com/markolauren/ResponseMCPFAQ
Response Server MCP бесплатный?
Да, Response Server MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Response Server?
Нет, Response Server работает без API-ключей и переменных окружения.
Response Server — hosted или self-hosted?
Доступен hosted-вариант: Unyly запускает сервер в облаке, локальная установка не обязательна.
Как установить Response Server в Claude Desktop, Claude Code или Cursor?
Открой Response Server на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
GitHub
PRs, issues, code search, CI status
автор: GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
автор: mcpdotdirectCompare Response Server with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории development
