MCP Vulnerability Management

Unizo's Vulnerability Management MCP Server provides a unified, extensible platform for integrating vulnerability management capabilities directly into AI agents and LLM clients through the Model Context Protocol (MCP). Designed for security professionals and developers, this guide covers how to install, configure, and interact with the Unizo Vulnerability MCP server, with comprehensive support for vulnerability assessment, asset management, and security scan operations.

Overview

The Unizo Vulnerability Management MCP Server enables seamless integration of vulnerability management systems with AI agents through a standardized interface that abstracts the complexity of different security scanners.

Key Benefits

• Unified Vulnerability Interface: Interact with multiple vulnerability management tools like Nessus, Qualys, Rapid7, and OpenVAS through a normalized set of MCP tools
• AI Agent Compatibility: Fully compatible with Claude, GPT, and any other LLMs supporting the MCP protocol for automated security operations
• Comprehensive Security Toolset: Full vulnerability lifecycle management with asset discovery, scan orchestration, and risk assessment capabilities
• Enterprise Security Features: Built-in compliance reporting, CVSS scoring, and integration with security frameworks

Available Tools

Tool Reference

Tool Name	Description	Parameters
list_vulnerabilities	Retrieves all vulnerabilities from integrated security scanners	Required: integrationId Optional: offset (default: 0), limit (default: 20), sort Returns: Vulnerability details with CVSS scores, CVE mappings, and risk classifications
list_assets	Lists all discovered assets in the environment	Required: integrationId Optional: offset, limit, sort Returns: Asset inventory with vulnerability counts and risk scores
list_scans	Shows all security scans	Required: integrationId Optional: offset, limit, sort Returns: Scan history with execution details and vulnerability counts

Installation & Setup

Prerequisites

• Node.js or Python runtime (depending on chosen client SDK)
• MCP-capable agent (e.g., Claude, GPT)
• Unizo API credentials with vulnerability management permissions
• Active integrations with vulnerability scanners (Nessus, Qualys, etc.)

Example MCP Server Setup (JSON)

{
  "mcpServers": {
    "unizo": {
      "command": "mcp-proxy",
      "args": ["http://172.184.130.51:8999/mcp"],
      "env": {
        "API_ACCESS_TOKEN": "your_account_token"
      }
    }
  }
}

Security Tip

The Unizo Vulnerability MCP Server provides enterprise-grade security features including encrypted data transmission, role-based access controls, and comprehensive audit logging for compliance requirements.

Environment Variables

Variable	Description
API_ACCESS_TOKEN	Your Unizo API key for authenticating vulnerability management requests

Client Integration Flow

1. Initialize the MCP Server

   • Use your preferred orchestrator (Claude Desktop, GPT MCP Plugin, etc.)
   • Load the MCP JSON config with the Unizo vulnerability management setup
   • Verify scanner integrations are active and accessible

2. Query Available Tools - Comprehensive vulnerability management across your security infrastructure

   • Upon server initialization, all vulnerability management tools will be available to the agent
   • Tools automatically adapt to your configured scanner types and capabilities

3. Execute Vulnerability Operations - AI-driven security assessment and remediation

   • Use list_vulnerabilities and list_assets for discovery and inventory
   • Create targeted scans with create_scan for specific assets or vulnerability types
   • Generate comprehensive risk reports with prioritized remediation guidance
   • Server handles scanner-specific API differences transparently

Observability & Logging

All interactions are logged with full context and correlation metadata.

Early Access Program

The Unizo Vulnerability Management MCP Server is currently available through our Early Access Program. All customers can gain priority access to these powerful vulnerability management tools and receive dedicated implementation support.

Get Started Today

Reach out to our team to schedule a personalized demo and discuss integration options for your organization. Connect With Us