falcon-mcp

falcon-mcp

MCP server bridging AI assistants with CrowdStrike Falcon for SOC operations, enabling natural-language triage, investigation, and response across detections, endpoints, threat intelligence, and more.

Category
访问服务器

README

CrowdStrike Logo (Light) CrowdStrike Logo (Dark)

falcon-mcp

PyPI version PyPI - Python Version License: MIT MCP Protocol Documentation GitHub Stars

For SOC analysts and security engineers: Stop tab-switching between CrowdStrike, your ticketing system, and your notes. Ask Claude to triage the alert, pull the process tree, check if the hash ran on other hosts, and draft the IR note — all in one conversation.

falcon-mcp is a Model Context Protocol (MCP) server that gives AI agents — including Claude — direct, structured access to the CrowdStrike Falcon platform for intelligent security operations.

[!IMPORTANT] Public Preview: This project is currently in public preview and under active development. Features and functionality may change before the stable 1.0 release. We welcome feedback through GitHub Issues.

What It Does

falcon-mcp bridges AI assistants and the CrowdStrike Falcon platform, enabling SOC analysts to ask natural-language questions and get answers backed by live Falcon data. It exposes Falcon's detection, investigation, response, and intelligence capabilities as MCP tools, so an AI agent can search detections, pivot through behaviors, contain hosts, and query threat intelligence — all from a single conversation. Designed for both interactive SOC workflows and automated security pipelines, it supports MSSP Flight Control so multi-tenant environments can be queried without switching consoles.

Features

  • EDR Telemetry — Search detections, behaviors, and incidents; drill into process execution trees and command-line activity
  • Real Time Response (RTR) — Initialize RTR sessions, run read-only triage commands (ps, netstat, filehash, reg query), and execute active responder and admin commands with configurable safety gates
  • Threat Intelligence — Research threat actors, query CrowdStrike indicators, retrieve MITRE ATT&CK reports, and search intelligence reports
  • Custom IOC Management — Search, create, and delete custom indicators of compromise; manage IOC watchlists
  • Vulnerability Management (Spotlight) — Query CVE exposure by host, filter by severity or CVE ID, and surface vulnerability assessments
  • Cloud Security — Kubernetes container visibility, container image vulnerabilities, CSPM asset inventory, and serverless function vulnerability scanning
  • Identity Protection (IDP) — Entity investigation and identity-based threat analysis
  • MSSP / Flight Control — List and target child CIDs; pass a per-tool member_cid to scope any query to a specific managed tenant
  • Next-Gen SIEM (NGSIEM) — Execute CQL queries against the Falcon NGSIEM for log-based investigation
  • Host Management — Query host inventory, login history, network address history, device groups, and online state
  • Firewall & Custom IOA — Search and manage firewall rules and behavioral detection rule groups
  • Incident Management — Correlate incidents across hosts, update status, and annotate with investigative notes
  • Scheduled Reports — List, manage, and download Falcon scheduled report outputs
  • Safety Gates — Read-only mode suppresses all mutating tools at registration time; a separate destructive policy controls host containment, RTR execution, and account-level deletes

Architecture

falcon-mcp ships two layers of tools:

Layer Module count Approximate tool count Enabled by default
Curated hand-written modules 50 ~392 Yes
Auto-generated API wrappers (gen_*) 106 ~904 additional No (opt-in)

The default mode exposes the curated layer (~392 tools), which covers every major SOC workflow with well-described, ergonomic tools. The full generated layer (total ~1,296 tools) can be enabled with FALCON_MCP_ENABLE_GENERATED=1 for complete API surface coverage.

Prerequisites

  • Python 3.11 or later
  • CrowdStrike Falcon API credentials (Client ID and Client Secret) with appropriate scopes for the modules you intend to use
  • uv (recommended) or pip

Installation

Fastest — uvx (no install required)

Run directly without a persistent install:

uvx falcon-mcp

Via uv tool install (persistent)

uv tool install falcon-mcp

Via pip

pip install falcon-mcp

From source

git clone https://github.com/CrowdStrike/falcon-mcp.git
cd falcon-mcp
uv sync

Configuration

All configuration is driven by environment variables (or a .env file in the working directory). CLI flags mirror every env var and take precedence when both are set.

Variable Required Description Example
FALCON_CLIENT_ID Required CrowdStrike API Client ID abc123def456
FALCON_CLIENT_SECRET Required CrowdStrike API Client Secret your-client-secret
FALCON_BASE_URL Required API endpoint URL for your region https://api.crowdstrike.com
FALCON_MEMBER_CID Optional Default child CID for MSSP Flight Control; targets all queries at that tenant ABC123DEF456GHI789
FALCON_MCP_TRANSPORT Optional Transport protocol: stdio, sse, or streamable-http (default: stdio) streamable-http
FALCON_MCP_HOST Optional Bind host for HTTP transports (default: 127.0.0.1) 0.0.0.0
FALCON_MCP_PORT Optional Bind port for HTTP transports (default: 8000) 8000
FALCON_MCP_MODULES Optional Comma-separated list of modules to enable; omit to enable all detections,incidents,intel
FALCON_MCP_ENABLE_GENERATED Optional Set to 1 to load all 106 auto-generated modules (~1,296 tools total) 1
FALCON_MCP_READONLY Optional Set to true to suppress all mutating tools at startup true
FALCON_MCP_ALLOW_DESTRUCTIVE Optional Set to true to enable all destructive tools, or a comma-separated list of specific tool names to allow selectively falcon_perform_host_action,falcon_execute_rtr_active_responder_command
FALCON_MCP_API_KEY Optional API key for x-api-key header authentication on HTTP transports your-api-key
FALCON_MCP_STATELESS_HTTP Optional Set to true to enable stateless HTTP mode for horizontally-scaled deployments true
FALCON_MCP_DEBUG Optional Set to true to enable verbose debug logging true

Region base URLs:

Region Base URL
US-1 https://api.crowdstrike.com
US-2 https://api.us-2.crowdstrike.com
EU-1 https://api.eu-1.crowdstrike.com
GOV-1 https://api.laggar.gcw.crowdstrike.com

Claude Code Integration

HTTP mode (streamable-http) is recommended for Claude Code and other AI development environments that support persistent server connections.

Step 1 — Start the server:

FALCON_CLIENT_ID=your-client-id \
FALCON_CLIENT_SECRET=your-client-secret \
FALCON_BASE_URL=https://api.crowdstrike.com \
FALCON_MCP_TRANSPORT=streamable-http \
falcon-mcp

Step 2 — Add to .claude/settings.json (project) or ~/.claude/settings.json (global):

{
  "mcpServers": {
    "falcon-mcp": {
      "type": "http",
      "url": "http://localhost:8000/mcp"
    }
  }
}

For API key-protected deployments, add the header:

{
  "mcpServers": {
    "falcon-mcp": {
      "type": "http",
      "url": "http://localhost:8000/mcp",
      "headers": {
        "x-api-key": "your-api-key"
      }
    }
  }
}

Claude Desktop Integration

Stdio mode works best for Claude Desktop. Credentials are passed directly in the MCP server configuration.

{
  "mcpServers": {
    "falcon-mcp": {
      "command": "uvx",
      "args": ["falcon-mcp"],
      "env": {
        "FALCON_CLIENT_ID": "your-client-id",
        "FALCON_CLIENT_SECRET": "your-client-secret",
        "FALCON_BASE_URL": "https://api.crowdstrike.com"
      }
    }
  }
}

To load credentials from a .env file instead of embedding them in the config:

{
  "mcpServers": {
    "falcon-mcp": {
      "command": "uvx",
      "args": ["--env-file", "/path/to/.env", "falcon-mcp"]
    }
  }
}

Docker

# Pull the latest image
docker pull quay.io/crowdstrike/falcon-mcp:latest

# Run with a .env file (stdio transport)
docker run -i --rm --env-file /path/to/.env quay.io/crowdstrike/falcon-mcp:latest

# Run with streamable-http transport
docker run --rm -p 8000:8000 --env-file /path/to/.env \
  quay.io/crowdstrike/falcon-mcp:latest --transport streamable-http --host 0.0.0.0

See the Docker Deployment guide for building locally, custom ports, and advanced configurations.

MSSP / Multi-Tenant Usage

falcon-mcp has first-class support for CrowdStrike Flight Control environments.

Default tenant targeting: Set FALCON_MEMBER_CID to route all queries to a specific child CID without changing anything else:

export FALCON_MEMBER_CID="CHILD_CID_HERE"

Per-request tenant targeting: Every tool that accepts a member_cid parameter can override the default at call time. This lets an AI agent query multiple child tenants in a single session without restarting the server:

"Search for critical detections in tenant ABC123 and compare with tenant XYZ789."

Flight Control module: The flight_control module provides tools to enumerate all child accounts, list CID groups and user groups, query MSSP role assignments, and manage group membership.

MSSP API scopes: The parent CID must have Flight Control API scopes enabled. Child CID API keys are not required when querying through the parent.

Available Modules

Module Key Capabilities
alerts Search and manage unified alerts across all Falcon alert types
detections Find and analyze EDR detections; retrieve behavior details and process trees
incidents Query and correlate security incidents; update status and add investigative notes
hosts Search host inventory; get login history, network address history, and online state
intel Research threat actors and malware families; query IOC intelligence; retrieve MITRE ATT&CK reports
ioc Search, create, and delete custom indicators of compromise
rtr Initialize RTR sessions; execute read-only, active responder, and admin commands; manage RTR scripts
spotlight Query vulnerability findings by host or CVE ID; access evaluation logic and vulnerability metadata
cloud Kubernetes container visibility; container image vulnerabilities; CSPM asset inventory
idp Identity entity investigation and identity protection analysis
flight_control MSSP Flight Control: list child accounts, CID groups, user groups, and MSSP roles
ngsiem Execute CQL queries against the Falcon Next-Gen SIEM
filevantage File integrity monitoring — query FIM policy assignments and change events
discover Application inventory search; unmanaged and unsanctioned asset discovery
sensor_usage Access and analyze sensor deployment and usage data
threat_graph Graph-based IOC pivoting: find which hosts ran a given hash or connected to an IP
host_groups Manage device groups: create, update, and query host group membership
firewall Search and manage firewall rules and rule groups
custom_ioa Create and manage Custom IOA behavioral detection rules and rule groups
serverless Search for vulnerabilities in serverless functions
scheduled_reports List, manage, and download scheduled report executions

For required API scopes per module, see the Module Overview.

SOC Quick Start

Once the server is running and connected to Claude, you can start investigating immediately. Example prompts:

Triage new detections:

"Search for new critical and high severity detections from the last 24 hours and summarize the top 5."

Investigate a specific detection:

"Get the full process tree and command-line details for detection ID abc123."

Contain a compromised host:

"Contain host WORKSTATION-42 and add it to the IR-2025-001 tagging group."

Hunt by IOC:

"Which hosts in my environment have executed the hash d41d8cd98f00b204e9800998ecf8427e? Show me the timeline."

MSSP cross-tenant alert summary:

"List all open critical alerts across child tenants ABC123 and XYZ789 and flag any that share the same technique."

Vulnerability prioritization:

"Show me all critical CVEs with a CVSS score above 9.0 affecting internet-facing hosts."

macOS Persistence (launchd)

To run falcon-mcp as a persistent background service on macOS, an example launchd plist is provided in the examples/ directory. Load it with:

launchctl load ~/Library/LaunchAgents/com.crowdstrike.falcon-mcp.plist

See examples/ for the full plist template and configuration notes.

Cloud Deployment

Security Considerations

Read-only mode: For environments where write access is not required, set FALCON_MCP_READONLY=true. This suppresses all mutating tools at registration time — they are never exposed to the AI agent, regardless of what is asked.

Destructive operation gating: Even with writes enabled, tools annotated as destructive (host containment, RTR command execution, account-level deletes) are suppressed by default. Enable them explicitly via FALCON_MCP_ALLOW_DESTRUCTIVE. The recommended approach is to specify a comma-separated list of specific tool names rather than setting true (which arms all ~119 destructive tools):

# Enable only host containment and RTR active responder
FALCON_MCP_ALLOW_DESTRUCTIVE=falcon_perform_host_action,falcon_batch_execute_active_responder_command

API credential scoping: Create a dedicated Falcon API client for falcon-mcp with only the scopes required for your use case. Do not reuse admin-level API keys. Consult the Module Overview for the minimum required scopes per module.

Credential storage: Never embed API credentials in MCP configuration files committed to source control. Use environment variables, a .env file outside the repository root, or a secrets manager. For HTTP transports shared across users, enable FALCON_MCP_API_KEY to require authentication at the MCP layer in addition to Falcon API authentication.

Network exposure: The default HTTP bind address is 127.0.0.1. Do not bind to 0.0.0.0 in untrusted network environments without enabling API key authentication.

Contributing

# Clone and install with dev dependencies
git clone https://github.com/CrowdStrike/falcon-mcp.git
cd falcon-mcp
uv sync --all-extras

# Run tests
uv run pytest

This project uses Conventional Commits for automated releases. Please follow the commit message format outlined in our Contributing Guide.

Additional developer documentation:

Support

This is a community-driven, open source project. While it is not an official CrowdStrike product, it is actively maintained by CrowdStrike and supported in collaboration with the open source developer community.

For questions, bug reports, and feature requests, please open a GitHub Issue. CrowdStrike customers may also contact Technical Support through established support channels.

See SUPPORT.md for more information.

Related MCP Servers

These three servers cover complementary layers of a security stack — network/log (AlertLogic), endpoint protection (Sophos), and EDR/threat intel (CrowdStrike). Use them together for full-stack AI-powered SOC operations.

Server Platform Highlights
falcon-mcp CrowdStrike Falcon EDR telemetry, RTR, threat intel, MSSP Flight Control, 1,296 tools
sophos-central-mcp Sophos Central Endpoint isolation, Live Discover SQL, XDR, email/firewall/DNS, 334 tools
alertlogic-mcp Alert Logic MDR Incident response, SQL log search, SOAR, vulnerability management, 473 tools

License

This project is licensed under the MIT License. See the LICENSE file for details.

推荐服务器

Baidu Map

Baidu Map

百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。

官方
精选
JavaScript
Playwright MCP Server

Playwright MCP Server

一个模型上下文协议服务器,它使大型语言模型能够通过结构化的可访问性快照与网页进行交互,而无需视觉模型或屏幕截图。

官方
精选
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

一个由人工智能驱动的工具,可以从自然语言描述生成现代化的用户界面组件,并与流行的集成开发环境(IDE)集成,从而简化用户界面开发流程。

官方
精选
本地
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

通过模型上下文协议启用与 Audiense Insights 账户的交互,从而促进营销洞察和受众数据的提取和分析,包括人口统计信息、行为和影响者互动。

官方
精选
本地
TypeScript
VeyraX

VeyraX

一个单一的 MCP 工具,连接你所有喜爱的工具:Gmail、日历以及其他 40 多个工具。

官方
精选
本地
graphlit-mcp-server

graphlit-mcp-server

模型上下文协议 (MCP) 服务器实现了 MCP 客户端与 Graphlit 服务之间的集成。 除了网络爬取之外,还可以将任何内容(从 Slack 到 Gmail 再到播客订阅源)导入到 Graphlit 项目中,然后从 MCP 客户端检索相关内容。

官方
精选
TypeScript
Kagi MCP Server

Kagi MCP Server

一个 MCP 服务器,集成了 Kagi 搜索功能和 Claude AI,使 Claude 能够在回答需要最新信息的问题时执行实时网络搜索。

官方
精选
Python
e2b-mcp-server

e2b-mcp-server

使用 MCP 通过 e2b 运行代码。

官方
精选
Neon MCP Server

Neon MCP Server

用于与 Neon 管理 API 和数据库交互的 MCP 服务器

官方
精选
Exa MCP Server

Exa MCP Server

模型上下文协议(MCP)服务器允许像 Claude 这样的 AI 助手使用 Exa AI 搜索 API 进行网络搜索。这种设置允许 AI 模型以安全和受控的方式获取实时的网络信息。

官方
精选