
Say It, Secure It: Streamline Exposure Management with Claude + Intruder's MCP Server

Author: David Koke, Head of Marketing

Key Points

At Intruder, we’re building a unified cyber security platform that makes it easy for all companies to gain visibility and control over their physical and cloud assets. The emergence of large language models (LLMs) and AI agents presents a huge opportunity to reduce friction and democratize access to the tools and insights needed to keep businesses secure.

By combining AI agents (like Claude) with the open-source Model Context Protocol (MCP) and Intruder’s API, Intruder users can now manage critical security workflows through simple, natural language prompts.

What is MCP?

Model Context Protocol (MCP) is an open standard that enables AI agents to control the systems and applications you use, like Intruder.

In more technical terms, we've created a small Python module that interacts with the Intruder API. For each API endpoint, we used FastMCP (from Anthropic's MCP Python SDK) to allow connected AI agents to call the endpoint, and to provide the agent with a description of what the endpoint does and what parameters are supported.

In the context of exposure management, this means that even non-technical users can perform tasks like running vulnerability scans, analyzing results, prioritizing remediation efforts or generating management summaries.
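
The pattern described above, as an added example rather than Intruder's own module: one API call exposed as a FastMCP tool, with the docstring and type hints supplying the description and parameters the agent sees. The base URL, endpoint path, payload field, bearer-token header and `INTRUDER_API_KEY` variable name are assumptions; the address check is there because tool arguments are generated by the model.

```python
import ipaddress
import json
import os
import re
import urllib.request

# Assumptions (not from the original post): base URL, path, payload field, env var name.
API_BASE = "https://api.example.invalid/v1"
TOKEN_ENV = "INTRUDER_API_KEY"
_HOSTNAME = re.compile(r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")

def normalize_target(address: str) -> str:
    """Accept only a bare IP address or hostname; reject URLs, paths and free text."""
    value = address.strip().lower()
    try:
        return str(ipaddress.ip_address(value))
    except ValueError:
        pass
    if not _HOSTNAME.match(value):
        raise ValueError(f"not a valid IP address or hostname: {address!r}")
    return value

def build_request(path: str, payload: dict, token: str) -> urllib.request.Request:
    """Build an authenticated POST. The token is never a tool parameter."""
    return urllib.request.Request(
        f"{API_BASE}{path}",
        data=json.dumps(payload).encode(),
        headers={"Authorization": f"Bearer {token}", "Content-Type": "application/json"},
        method="POST",
    )

def build_server():
    # Imported here so the helpers above can be tested without the SDK installed.
    from mcp.server.fastmcp import FastMCP

    server = FastMCP("exposure-management-example")

    @server.tool()
    def create_target(address: str) -> str:
        """Add a target (IP address or hostname) to the account."""
        token = os.environ[TOKEN_ENV]  # read server-side, invisible to the agent
        req = build_request("/targets/", {"address": normalize_target(address)}, token)
        with urllib.request.urlopen(req, timeout=30) as resp:
            return resp.read().decode()

    return server

if __name__ == "__main__":
    build_server().run()  # stdio transport by default
```

Because the token stays in the server process environment, its scope bounds what any prompt can make the agent do.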

Intruder MCP Use Cases

1. Add and Scan Targets

Need to assess the security of a new asset? With Intruder's MCP server installed on your AI agent of choice, it’s as easy as asking:

“Add our new production server to Intruder and run a scan.”

Behind the scenes, the system handles everything: connecting to the API, adding the target, initiating the scan, and providing results.

2. Prioritize Issues

With Intruder's MCP server, users can also have an interactive dialogue with Claude to understand which issues should be addressed first:

“Show me the critical vulnerabilities for our web apps, and suggest which to prioritize based on exploitability and potential business impact.”

This allows for dynamic conversations where the AI can incorporate context like asset value or recent threat intelligence provided by Intruder to help teams focus on the most pressing risks.

3. Produce Management Summaries

Creating summaries for management can be time-consuming. With our MCP server, it becomes effortless:

“Summarize our current vulnerabilities for the leadership team, highlighting critical issues and upcoming remediation plans.”

The AI generates a concise, business-friendly summary that can be shared directly with stakeholders, saving time and making it easy to keep stakeholders aligned.

4. Validate and Remediate Vulnerabilities

The combination of an AI agent like Claude with Intruder's MCP server also enables users to confirm and address vulnerabilities:

“Guide me through reproducing the SQL injection vulnerability and provide a remediation plan tailored to our current tech stack.”

The system validates the finding and offers actionable, context-aware remediation advice, significantly accelerating the path to resolution.

Getting Started with the Intruder MCP Server

The first step is to ensure you have a Claude account (they offer a free plan), or another supported AI agent.

To use the MCP server, you'll need to generate an Intruder access token. You can then access the MCP server using Smithery, or install locally by following the instructions on GitHub.
