jguimera

Security Copilot and Sentinel MCP Server

MCP Server

Bridge to Azure Security Services via MCP

Updated Sep 7, 2025

About

A Python FastMCP server that connects development environments with Microsoft Security Copilot and Sentinel, enabling KQL query execution, skillset management, and prompt execution with Azure Identity authentication.

Capabilities

Resources: Access data sources
Tools: Execute functions
Prompts: Pre-built templates
Sampling: AI model interactions


The Security Copilot and Sentinel MCP Server bridges the gap between developers’ local environments and Microsoft’s cloud‑native security tooling. By exposing a Model Context Protocol (MCP) interface, it lets AI assistants such as Claude invoke real‑world security actions—running Kusto Query Language (KQL) queries against Azure Sentinel, managing Security Copilot skillsets and plugins, and executing prompts or skills directly inside the Copilot ecosystem. This removes the need for manual portal interactions, enabling automated threat hunting, continuous testing of security workflows, and rapid iteration on custom plugins.

At its core, the server implements four primary tools. The first sends arbitrary KQL statements to a Sentinel workspace and streams the results back to the assistant. The second retrieves the current list of skillsets and plugins registered with Security Copilot, giving developers visibility into what is available for use. The third accepts a plugin package and either creates a new skillset or updates an existing one, streamlining the deployment pipeline. The fourth allows an AI agent to trigger a specific prompt or skill within Security Copilot, effectively turning the assistant into an interactive security analyst.

Developers benefit from this server in several concrete scenarios. During continuous integration/continuous deployment (CI/CD) of security tooling, automated tests can run KQL queries to validate data ingestion or alert logic. In adversary emulation exercises, an AI agent can launch Sentinel queries to detect simulated threats and then trigger corresponding Copilot responses. For plugin development, the server’s upload capability lets teams iterate on skillset code, test it in a sandboxed environment, and promote it to production without leaving the IDE. The integration also supports multiple authentication flows—interactive browser, client secret, and managed identity—ensuring that it fits both local dev machines and cloud‑hosted pipelines.

The MCP server’s use of Server‑Sent Events (SSE) as the transport layer guarantees low‑latency, real‑time streaming of query results and prompt responses. This makes the assistant feel like a natural extension of the security platform, with instant feedback and actionable insights. Moreover, the server’s open‑source nature invites contributions such as advanced hunting in Defender XDR and promptbook testing, positioning it as a living platform that evolves alongside Microsoft’s security services.

In sum, the Security Copilot and Sentinel MCP Server transforms static security tooling into a programmable, AI‑driven workflow. By exposing Sentinel query execution and Copilot skill management through MCP, it empowers developers to build smarter, faster, and more resilient security solutions that can be tested, deployed, and operated entirely from code.