SigmaLineage MCP

by MohitDabas · security · mcp-server, glama

Enables context-aware EVTX hunting with process lineage tracing and rarity baselining to surface real threats from security logs, transforming raw alerts into actionable kill chain intelligence.

Source: https://github.com/MohitDabas/sigmalineage-mcp

Install

git clone https://github.com/MohitDabas/sigmalineage-mcp

Source: glama

About security MCP servers and Claude skills

Security MCP servers let agents scan dependencies, audit logs, check for vulnerabilities, and enforce policy guardrails. Critical for any agent that touches production.

SigmaLineage MCP is one of hundreds of security entries indexed on Skiln.

Related security MCPs and skills

  • ProtonBound by dazzle-blip

    A security-first MCP server that provides AI agents with a scoped, read-and-draft-only view into Proton Mail via Proton Bridge, ensuring no emails can be sent and access is restricted to configured workspaces.

  • Agent Data Gateway by taiyofujiwara

    Middleware that converts existing APIs/DBs into MCP tools with secure credential injection, data scoping, and immutable audit logs.

  • ecommerce-fashion-market-analysis by alexgenovese

    A fashion vertical MCP server providing tools for product SEO audits and trend analysis to integrate with AI agents like Claude, Cursor, and Codex.

  • scm-mcp-server by zm1990s

    Exposes Palo Alto Networks Strata Cloud Manager API via MCP, enabling AI assistants to manage addresses, security rules, and incidents through natural language.

  • mcp-dlp by aaravjain151

    A data-loss-prevention (DLP) layer for AI agents that intercepts document reads, scans for sensitive data, and redacts or blocks it before it reaches the model, with audit logging.

  • MongoDB Intelligence MCP Server by Salman0076

    An autonomous MCP server that enables LLMs to intelligently query and analyze MongoDB databases by reverse-engineering schemas, proving relationships, and enforcing security safeguards like PII masking and query limits.

  • MCP SQL Server by GK-Leyton

    Provides read-only access to SQL Server databases via Claude Desktop, with multiple security layers preventing any writes.

  • MCP SQL Server Gateway by jessef1983

    Enterprise-safe MCP server that enables Claude Enterprise to access approved on-prem SQL Server data through read-only, governed, and auditable tools.

Frequently asked questions

How do I install SigmaLineage MCP?

Add the install command above to your Claude Code, Cursor, or Windsurf MCP configuration. Most servers register via npx, a local command, or a Docker image. Refer to the source repository for environment variables and credential requirements.

Which clients support SigmaLineage MCP?

Any MCP-compatible client works: Claude Desktop, Claude Code CLI, Cursor, Windsurf, Zed, and VS Code with the official MCP extension. OpenAI Codex and GitHub Copilot increasingly support MCP via adapter bridges.

Is SigmaLineage MCP free?

The server itself is typically open source. Any upstream service (API keys, paid tiers, hosted infrastructure) may have its own pricing. Check the source repository for details.