Server Details
Write better incident response and other reports, get guidance on security best practices.
- Status
- Unhealthy
- Last Tested
- Transport
- Streamable HTTP
- URL
Available Tools
9 toolsget_articleTry in Inspector
Get the full content of a specific article from Lenny Zeltser's Website by URL path. Returns the complete article including title, date, topics, summary, and full body text.
| Name | Required | Description | Default |
|---|---|---|---|
| url | Yes | Article URL path (e.g., '/about', '/article-slug') |
get_capabilitiesTry in Inspector
List all capabilities and tools available from the Lenny Zeltser's Website MCP server, including search tools and any specialized features like IR report writing assistance.
| Name | Required | Description | Default |
|---|---|---|---|
No parameters | |||
get_index_infoTry in Inspector
Get statistics about the Lenny Zeltser's Website search index including total pages indexed, last update time, and available tools.
| Name | Required | Description | Default |
|---|---|---|---|
No parameters | |||
get_security_writing_guidelinesTry in Inspector
Get writing guidelines for security reports and assessments. Provides guidance on tone, structure, clarity, executive summaries, and avoiding common writing mistakes. Works for any security document. These guidelines are returned to your AI for local analysis. Your documents are never sent to this server. Note: For incident response reports specifically, use the ir_* tools which provide deeper section-by-section review criteria.
| Name | Required | Description | Default |
|---|---|---|---|
| focus | No | Which aspects of writing to focus on. 'tone': voice, do/avoid examples. 'structure': paragraphs, report qualities, formatting. 'clarity': sentences, jargon alternatives. 'executive_summary': exec summary best practices. 'critique': writing as critique not criticism. 'all' or omit for everything. | |
| include_examples | No | Include before/after examples. Default: true. Set to false for smaller response. |
ir_get_guidelinesTry in Inspector
Get writing guidelines for incident response reports. Topics: tone, words, structure, executive_summary, or summary for quick reference. The IR tools return guidelines to your AI for local analysis. Your incident notes are never sent to this server.
| Name | Required | Description | Default |
|---|---|---|---|
| topic | No | Specific topic: 'tone', 'words', 'structure', 'executive_summary', or 'summary' for quick reference. Omit for full guidelines. |
ir_get_templateTry in Inspector
Get the incident response report template. The IR tools return guidelines to your AI for local analysis. Your incident notes are never sent to this server.
| Name | Required | Description | Default |
|---|---|---|---|
No parameters | |||
ir_load_contextTry in Inspector
Load IR report writing context for local analysis. Returns guidelines for field completeness, incident identification, notification triggers, and writing quality. Your AI uses this context to analyze your incident notes locally—your notes are never sent to this server. Use detail_level to control response size: "minimal" (~2k tokens), "standard" (~5k tokens), or "comprehensive" (~11k tokens).
| Name | Required | Description | Default |
|---|---|---|---|
| topics | No | Specific topics to load. Overrides detail_level for fine-grained control. Options: completeness (field guidance), incidents (type identification), notifications (regulatory triggers), writing (style analysis), actions (urgency categorization), stakeholders (party identification), sections (review criteria). | |
| detail_level | No | Level of detail to return. 'minimal': core field guidance only (~2k tokens). 'standard': field guidance + writing analysis + notifications (~5k tokens, default). 'comprehensive': everything including examples and all incident types (~11k tokens). | |
| incident_type | No | Load guidance for a specific incident type only (saves tokens). Omit to load all types when 'incidents' topic is included. | |
| include_examples | No | Include good/poor examples in field guidance. Default: false. Set to true for learning/training. |
ir_review_reportTry in Inspector
Get criteria for reviewing an existing IR report. Returns focused guidance for constructive critique — what to check in each section, writing quality issues to identify, and how to frame feedback collaboratively. Your AI uses this to analyze your report locally—your report is never sent to this server.
| Name | Required | Description | Default |
|---|---|---|---|
| focus | No | What aspects to focus on. 'completeness': is everything covered? 'clarity': jargon, passive voice, vague terms. 'tone': collaborative framing. 'structure': sentence/paragraph organization. | |
| sections | No | Specific sections to get review criteria for. Omit or use 'all' for complete review criteria. |
search_zeltserTry in Inspector
Search Lenny Zeltser's Website by keywords. Security articles on malware analysis, incident response, and security leadership. Searches across titles, abstracts, full content, and topics.
| Name | Required | Description | Default |
|---|---|---|---|
| limit | No | Maximum number of results to return (default: 10, max: 25) | |
| query | Yes | Search terms to find relevant content |
FAQ
How do I claim this server?
To claim this server, publish a /.well-known/glama.json file on your server's domain with the following structure:
The email address must match the email associated with your Glama account. Once verified, the server will appear as claimed by you.
What are the benefits of claiming a server?
- Control your server's listing on Glama, including description and metadata
- Receive usage reports showing how your server is being used
- Get monitoring and health status updates for your server