Sponsored by Deepsite.site

MCP.so

DevSecOps Mcp

Created By
jmstar855 months ago
A comprehensive Model Context Protocol (MCP) server that integrates Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Interactive Application Security Testing (IAST), and Software Composition Analysis (SCA) tools for AI-powered DevSecOps automation.
# #DevSecOps #SAST #DAST #IAST #SCA
OverviewContentToolsComments
Overview

DevSecOps MCP Server A comprehensive Model Context Protocol (MCP) server that integrates Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Interactive Application Security Testing (IAST), and Software Composition Analysis (SCA) tools for AI-powered DevSecOps automation.

🚀 Features SAST Integration: ✅ Semgrep, Bandit (verified) DAST Integration: ✅ OWASP ZAP (verified) IAST Integration: ✅ Trivy + OWASP ZAP hybrid (verified) SCA Integration: ✅ npm audit, OSV Scanner, Trivy (verified) Comprehensive Security Reports: JSON, HTML, PDF, SARIF formats Policy Enforcement: Configurable security thresholds and gates Docker Support: Full containerization with security tools Real-time Monitoring: Performance metrics and logging 100% Open Source: No commercial tool dependencies AI-Powered Analysis: Claude integration for intelligent security insights 🛠️ Architecture src/ ├── mcp/ │ ├── server.ts # Main MCP server │ ├── tools/ │ │ ├── sast-tool.ts # SAST integration │ │ ├── dast-tool.ts # DAST integration
│ │ ├── iast-tool.ts # IAST integration │ │ └── sca-tool.ts # SCA integration │ └── connectors/ │ ├── sonarqube.ts │ ├── zap.ts │ ├── trivy.ts │ └── osv-scanner.ts ├── config/ │ ├── security-rules.yml │ └── tool-configs.json └── tests/security/

🎯 Summary DevSecOps MCP Server is an AI-powered security automation platform verified through real-world testing:

Key Achievements ✅ 80+ real vulnerabilities detected (SAST: 60+, DAST: 5+, SCA: 20+) OWASP Top 10 100% coverage verification completed All 4 security test types integrated (SAST, DAST, IAST, SCA) Fully open source based (commercial tool dependencies removed) Claude AI integration ready Ready to Use 🚀

Setup and test in under 5 minutes

pip3 install semgrep bandit git clone && cd DevSecOps-MCP node test-all-security.js Differentiators 💡 AI Native: Natural language security analysis with Claude Proven Performance: Tested with real vulnerabilities Zero Cost: Completely free and open source Plug & Play: Ready-to-use configuration Built with security in mind for modern DevSecOps workflows 🛡️

"The future of security is AI-powered, open, and automated."

Server Config

{
  "mcpServers": {
    "devsecops": {
      "command": "node",
      "args": [
        "dist/src/mcp/server.js"
      ],
      "cwd": "/path/to/DevSecOps-MCP",
      "env": {
        "NODE_ENV": "production",
        "MCP_PORT": "3000",
        "LOG_LEVEL": "info",
        "SECURITY_STRICT_MODE": "true"
      }
    }
  }
}
Recommend Servers
TraeBuild with Free GPT-4.1 & Claude 3.7. Fully MCP-Ready.
Zhipu Web SearchZhipu Web Search MCP Server is a search engine specifically designed for large models. It integrates four search engines, allowing users to flexibly compare and switch between them. Building upon the web crawling and ranking capabilities of traditional search engines, it enhances intent recognition capabilities, returning results more suitable for large model processing (such as webpage titles, URLs, summaries, site names, site icons, etc.). This helps AI applications achieve "dynamic knowledge acquisition" and "precise scenario adaptation" capabilities.
Playwright McpPlaywright MCP server
Context7Context7 MCP Server -- Up-to-date code documentation for LLMs and AI code editors
Baidu Map百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。
MiniMax MCPOfficial MiniMax Model Context Protocol (MCP) server that enables interaction with powerful Text to Speech, image generation and video generation APIs.
Serper MCP ServerA Serper MCP Server
WindsurfThe new purpose-built IDE to harness magic
Tavily Mcp
DeepChatYour AI Partner on Desktop
EdgeOne Pages MCPAn MCP service designed for deploying HTML content to EdgeOne Pages and obtaining an accessible public URL.
Jina AI MCP ToolsA Model Context Protocol (MCP) server that integrates with Jina AI Search Foundation APIs.
Amap Maps高德地图官方 MCP Server
ChatWiseThe second fastest AI chatbot™
Howtocook Mcp基于Anduin2017 / HowToCook (程序员在家做饭指南)的mcp server,帮你推荐菜谱、规划膳食,解决“今天吃什么“的世纪难题; Based on Anduin2017/HowToCook (Programmer's Guide to Cooking at Home), MCP Server helps you recommend recipes, plan meals, and solve the century old problem of "what to eat today"
Visual Studio Code - Open Source ("Code - OSS")Visual Studio Code
MCP AdvisorMCP Advisor & Installation - Use the right MCP server for your needs
BlenderBlenderMCP connects Blender to Claude AI through the Model Context Protocol (MCP), allowing Claude to directly interact with and control Blender. This integration enables prompt assisted 3D modeling, scene creation, and manipulation.
TimeA Model Context Protocol server that provides time and timezone conversion capabilities. This server enables LLMs to get current time information and perform timezone conversions using IANA timezone names, with automatic system timezone detection.
CursorThe AI Code Editor
AiimagemultistyleA Model Context Protocol (MCP) server for image generation and manipulation using fal.ai's Stable Diffusion model.