Security MCP servers let your AI work with vulnerability scanners, secret scanners, IAM audit logs, and threat intel feeds. Triage findings, fetch policy status, and accelerate SecOps workflows while credentials stay in MCPBundles, not in prompts.
Security & Auth
The CISA Known Exploited Vulnerabilities (KEV) Catalog is the authoritative U.S. government list of vulnerabilities that are actively being exploited in the wild. Federal agencies are required to remediate KEV entries by their due dates. Search the catalog, look up specific CVEs, find recently added entries, filter by ransomware campaign use, and get summary stats.
Container CVE triage and cross-source vulnerability intelligence: local Trivy scans via Desktop, NIST NVD + CISA KEV + EPSS enrichment, and explainable exploit_priority / patch_today / defer bucketing.
Intruder is a cybersecurity platform that offers automated vulnerability scanning to help businesses identify and address security weaknesses in their systems. Use it to enhance your organization's security posture and protect against potential threats.
Persona provides identity verification and authentication services, enabling businesses to verify customer identities and ensure compliance with regulatory standards. It is primarily used for secure and efficient identity management and fraud prevention.
OPUSWatch provides API-based solutions for managing operational risk and ensuring regulatory compliance, mainly for Dutch organizations. Use it to track, analyze, and report on compliance metrics efficiently.
OFAC-API.com provides KYC, AML, and sanctions compliance screening against 25+ global data sources including OFAC SDN, EU, UN, UK, PEP, INTERPOL, and more.
Microsoft Entra ID is an identity and access management service that provides secure authentication and authorization for users accessing Microsoft services and applications. It is primarily used for managing user identities and safeguarding access to resources.
The NIST National Vulnerability Database (NVD) is the U.S. government repository of standards-based vulnerability management data. Search CVEs, check CVSS scores, find known exploited vulnerabilities, and track vulnerability changes.
The Exploit Prediction Scoring System (EPSS) by FIRST.org estimates the probability that a CVE will be exploited in the wild within 30 days. Look up exploit scores for specific CVEs, discover the most exploitable vulnerabilities, track score trends over time, and filter by score or percentile ranges for risk prioritization.
Run Trivy or Grype on your machine via MCPBundles Desktop. Used by Vulnerability Intelligence scan_triage to scan container images and project filesystems locally before cloud enrichment.
Python supply-chain security platform. Track installed packages and versions, monitor vulnerabilities via the OSV database, and validate against organization-wide allow lists.
This server acts as a gateway for managing persistent identities and shared content within a collaborative environment. It is designed for users who need to maintain a consistent identity across various applications and share content seamlessly.
This server provides identity management, authorization, and audit trail capabilities, ensuring secure access and permission management for applications. It is ideal for developers and organizations focused on enhancing security and compliance in their systems.
Certman allows users to create and manage their own Certificate Authority, providing tools for internal security and certificate management. It is aimed at IT professionals and organizations seeking to enhance their security infrastructure.
Clerk provides tools for managing user authentication and access control, streamlining the integration of user management into applications. This server is ideal for developers looking to enhance security and user experience in their software.
Apiiro Guardian Agent offers security and compliance tools for managing application vulnerabilities and risks. It is aimed at security professionals and developers who need to ensure their applications adhere to best practices and regulatory standards.
Cloudflare One CASB (Cloud Access Security Broker) identifies security misconfigurations across SaaS applications, safeguarding organizations against data leaks and compliance violations. It scans connected services for risky settings, exposed data, and policy violations.
Microsoft Entra (formerly Azure AD) is an identity and access management platform. Provides user authentication, single sign-on, conditional access policies, and directory services for organizations.
AI agent security gateway and DLP firewall. Scans every tool call for secrets, PII, prompt injection, and destructive commands in both directions.
Okta is an identity and access management platform providing single sign-on, multi-factor authentication, lifecycle management, and API access management for workforce and customer identity.
Sonatype's component intelligence server provides tools for managing software components, including version tracking and security analysis. Developers can utilize this server to ensure they are using the most secure and up-to-date components in their applications. It is particularly useful for software teams focused on maintaining high standards of security and compliance.
ActionGate provides tools for assessing risk scores and simulating scenarios related to policy compliance. This server is aimed at businesses and organizations that need to evaluate risks and ensure adherence to policies.
This server provides tools for ensuring compliance with the EU AI Act by scanning AI codebases and generating compliance reports. Users can check the compliance status of their projects, generate templates, and assess risk categories, making it essential for developers and organizations working with AI technologies in Europe.
Agent Safe provides a suite of tools for assessing the safety of emails and URLs, ensuring secure communication and protecting against phishing attacks. This service is essential for cybersecurity professionals and organizations focused on maintaining secure digital environments.
Security MCP servers integrate AI assistants with tools that manage risk: SAST/DAST vendors, cloud security posture APIs, SIEM query endpoints, and certificate lifecycle managers, depending on availability in the catalog.
Safer than pasting findings into a consumer chat: scoped API tokens limit blast radius, and workspace isolation prevents cross-tenant leaks. Still follow your SOC policies and use read-only roles until workflows are proven.
Only if you enable servers with write tools and approve those actions. Many security integrations remain read-only for triage and reporting.