Skip to main content
Glama
DynamicEndpoints

Microsoft 365 Core MCP Server

by DynamicEndpoints
OverviewSchemaRelated ServersScoreDiscussions
JavaScript
Remote

manage_cis_compliance

Assess and remediate CIS benchmark compliance for Microsoft 365 environments, track security controls, and generate compliance reports.

Instructions

Manage CIS (Center for Internet Security) benchmark compliance including assessment and remediation tracking.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
actionYesCIS compliance action
benchmarkNoCIS benchmark to assess
implementationGroupNoImplementation group
controlIdsNoSpecific control IDs
scopeNoAssessment scope
settingsNoAssessment settings

Implementation Reference

  • src/handlers/compliance-handler.ts:467-504 (handler)
    The primary handler function for the 'manage_cis_compliance' tool. Dispatches to specific CIS operations like assessment, reporting, remediation based on args.action.
    export async function handleCISCompliance( graphClient: Client, args: CISComplianceArgs ): Promise<{ content: { type: string; text: string }[] }> { let result: any; switch (args.action) { case 'assess': // Perform CIS compliance assessment result = await performCISAssessment(graphClient, args); break; case 'get_benchmark': // Get CIS benchmark information result = await getCISBenchmark(args.benchmark || 'office365'); break; case 'generate_report': // Generate CIS compliance report result = await generateCISReport(graphClient, args); break; case 'configure_monitoring': // Configure CIS monitoring result = await configureCISMonitoring(args); break; case 'remediate': // Execute automated remediation result = await executeCISRemediation(graphClient, args); break; default: throw new McpError(ErrorCode.InvalidParams, `Invalid action: ${args.action}`); } return { content: [{ type: 'text', text: JSON.stringify(result, null, 2) }] }; }
  • src/tool-definitions.ts:469-485 (schema)
    Zod schema defining the input parameters for the 'manage_cis_compliance' tool, used for validation and MCP discovery.
    export const cisComplianceSchema = z.object({ action: z.enum(['assess', 'get_benchmark', 'generate_report', 'configure_monitoring', 'remediate']).describe('CIS compliance action'), benchmark: z.enum(['windows-10', 'windows-11', 'windows-server-2019', 'windows-server-2022', 'office365', 'azure', 'intune']).optional().describe('CIS benchmark to assess'), implementationGroup: z.enum(['1', '2', '3']).optional().describe('Implementation group'), controlIds: z.array(z.string()).optional().describe('Specific control IDs'), scope: z.object({ devices: z.array(z.string()).optional().describe('Target devices'), users: z.array(z.string()).optional().describe('Target users'), policies: z.array(z.string()).optional().describe('Target policies'), }).optional().describe('Assessment scope'), settings: z.object({ automated: z.boolean().optional().describe('Automated assessment'), generateRemediation: z.boolean().optional().describe('Generate remediation plans'), includeEvidence: z.boolean().optional().describe('Include evidence'), riskPrioritization: z.boolean().optional().describe('Risk-based prioritization'), }).optional().describe('Assessment settings'), });
  • src/server.ts:1031-1049 (registration)
    MCP server tool registration for 'manage_cis_compliance', linking schema, metadata hints, and the wrapped handler function.
    "manage_cis_compliance", "Manage CIS (Center for Internet Security) benchmark compliance including assessment and remediation tracking.", cisComplianceSchema.shape, {"readOnlyHint":false,"destructiveHint":false,"idempotentHint":true}, wrapToolHandler(async (args: CISComplianceArgs) => { this.validateCredentials(); try { return await handleCISCompliance(this.getGraphClient(), args); } catch (error) { if (error instanceof McpError) { throw error; } throw new McpError( ErrorCode.InternalError, `Error executing tool: ${error instanceof Error ? error.message : 'Unknown error'}` ); } }) );
  • src/types/compliance-types.ts:440-456 (schema)
    TypeScript interface defining the structure of arguments for CIS compliance operations, used by the handler.
    export interface CISComplianceArgs { action: 'assess' | 'get_benchmark' | 'generate_report' | 'configure_monitoring' | 'remediate'; benchmark?: 'windows-10' | 'windows-11' | 'windows-server-2019' | 'windows-server-2022' | 'office365' | 'azure' | 'intune'; implementationGroup?: '1' | '2' | '3'; controlIds?: string[]; scope?: { devices?: string[]; users?: string[]; policies?: string[]; }; settings?: { automated?: boolean; generateRemediation?: boolean; includeEvidence?: boolean; riskPrioritization?: boolean; }; }
  • src/tool-metadata.ts:201-204 (registration)
    Tool metadata providing description, title, and behavioral annotations for the 'manage_cis_compliance' tool.
    manage_cis_compliance: { description: "Manage CIS (Center for Internet Security) benchmark compliance including assessment and remediation tracking.", title: "CIS Compliance Manager", annotations: { title: "CIS Compliance Manager", readOnlyHint: false, destructiveHint: false, idempotentHint: true, openWorldHint: true }
Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/DynamicEndpoints/m365-core-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server