import axios from "axios";
import * as cheerio from "cheerio";
import { DocumentSource, SecurityDocument } from "../types.js";
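/**
 * Document source for NIST publications.
 *
 * Despite the method names and the `axios`/`cheerio` imports at the top of the
 * file, this class performs no network I/O: every document it returns is a
 * curated, hard-coded summary. Keeping the catalog static means the server has
 * no outbound dependency on nist.gov and no HTML-parsing attack surface, at the
 * cost of summaries that must be refreshed by hand when NIST revises a
 * publication (revision numbers live in each entry's `metadata`).
 */
export class NISTSource implements DocumentSource {
  name = "NIST";

  /**
   * Returns the curated NIST catalog: the top-level publication summaries
   * followed by one document per CSF core Function.
   *
   * Never rejects. Any unexpected failure while assembling the list is logged
   * and whatever was collected so far is returned (best-effort, same contract
   * as the original implementation).
   *
   * @returns The NIST documents, every one stamped with the same `lastUpdated`.
   */
  async fetchDocuments(): Promise<SecurityDocument[]> {
    const documents: SecurityDocument[] = [];
    try {
      // Progress output goes to stderr; presumably stdout is reserved for the
      // protocol channel — confirm against the server entry point.
      console.error("Fetching NIST documents...");
      // One timestamp for the whole batch so documents built in the same call
      // do not differ by a few milliseconds.
      const fetchedAt = new Date();
      documents.push(...NISTSource.buildPublicationDocuments(fetchedAt));
      documents.push(...(await this.buildCsfFunctionDocuments(fetchedAt)));
      console.error(`Fetched ${documents.length} NIST documents`);
    } catch (error: unknown) {
      // Deliberate best-effort: a partial catalog is preferable to no catalog.
      console.error("Error fetching NIST documents:", error);
    }
    return documents;
  }

  /**
   * Builds the static publication summaries.
   *
   * @param fetchedAt - Timestamp recorded as `lastUpdated` on every document.
   * @returns One document per curated NIST publication, in catalog order.
   */
  private static buildPublicationDocuments(fetchedAt: Date): SecurityDocument[] {
    // Each entry omits `source` and `lastUpdated`; both are filled in below.
    const entries = [
      {
        id: "nist-csf-2.0",
        title: "NIST Cybersecurity Framework 2.0",
        url: "https://www.nist.gov/cyberframework",
        // CSF 2.0 added Govern as a sixth core Function; the earlier summary
        // still described the five-Function layout of CSF 1.1.
        content: `The NIST Cybersecurity Framework (CSF) 2.0 provides guidance for organizations to manage and reduce cybersecurity risk. It consists of six core functions: Govern, Identify, Protect, Detect, Respond, and Recover. The Framework helps organizations understand, assess, prioritize, and communicate cybersecurity activities and outcomes. Key components include: Framework Core (outcomes, categories, subcategories), Implementation Tiers (levels of rigor), and Framework Profiles (alignment with organizational requirements).`,
        category: "Framework",
        metadata: { standard: "CSF", version: "2.0" },
      },
      {
        id: "nist-800-53",
        title: "NIST SP 800-53: Security and Privacy Controls",
        url: "https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final",
        content: `NIST SP 800-53 provides a comprehensive catalog of security and privacy controls for information systems and organizations. Controls are organized into 20 families including Access Control (AC), Audit and Accountability (AU), Security Assessment and Authorization (CA), Configuration Management (CM), Contingency Planning (CP), Identification and Authentication (IA), Incident Response (IR), Maintenance (MA), Media Protection (MP), Physical and Environmental Protection (PE), Planning (PL), Personnel Security (PS), Risk Assessment (RA), System and Services Acquisition (SA), System and Communications Protection (SC), System and Information Integrity (SI), Program Management (PM), and Privacy Controls. Each control includes detailed implementation guidance.`,
        category: "Security Controls",
        metadata: { standard: "SP 800-53", revision: "5" },
      },
      {
        id: "nist-800-171",
        title: "NIST SP 800-171: Protecting Controlled Unclassified Information",
        url: "https://csrc.nist.gov/publications/detail/sp/800-171/rev-2/final",
        content: `NIST SP 800-171 provides guidelines for protecting Controlled Unclassified Information (CUI) in non-federal systems and organizations. The publication contains 14 families of security requirements: Access Control, Awareness and Training, Audit and Accountability, Configuration Management, Identification and Authentication, Incident Response, Maintenance, Media Protection, Personnel Security, Physical Protection, Risk Assessment, Security Assessment, System and Communications Protection, and System and Information Integrity. These requirements are critical for government contractors and organizations handling sensitive information.`,
        category: "CUI Protection",
        metadata: { standard: "SP 800-171", revision: "2" },
      },
      {
        id: "nist-800-207",
        title: "NIST SP 800-207: Zero Trust Architecture",
        url: "https://csrc.nist.gov/publications/detail/sp/800-207/final",
        content: `NIST SP 800-207 defines Zero Trust Architecture (ZTA) principles. Zero trust assumes no implicit trust granted to assets or user accounts based solely on physical or network location. Key tenets include: continuous verification, assume breach, explicit verification for every access request, least privilege access, microsegmentation, and software-defined perimeter. ZTA uses identity-based authentication, micro-segmentation, and continuous monitoring. Components include Policy Engine, Policy Administrator, and Policy Enforcement Point. Implementation approaches include device agent/gateway, enclave gateway, and resource portal models.`,
        category: "Zero Trust",
        metadata: { standard: "SP 800-207" },
      },
      {
        id: "nist-privacy-framework",
        title: "NIST Privacy Framework",
        url: "https://www.nist.gov/privacy-framework",
        content: `The NIST Privacy Framework helps organizations identify and manage privacy risk to build customer trust and foster innovation. It consists of three parts: Core (privacy activities and outcomes organized into five Functions), Profiles (customized privacy objectives), and Implementation Tiers (privacy risk management sophistication). The five Functions are: Identify-P (understanding privacy risks), Govern-P (privacy governance), Control-P (data processing management), Communicate-P (transparent privacy practices), and Protect-P (safeguarding data). The Framework helps organizations consider privacy throughout system design and operations.`,
        category: "Privacy",
        metadata: { framework: "Privacy" },
      },
      {
        id: "nist-800-63",
        title: "NIST SP 800-63: Digital Identity Guidelines",
        url: "https://csrc.nist.gov/publications/detail/sp/800-63/4/final",
        content: `NIST SP 800-63 provides technical requirements for digital identity services. The guidelines cover three areas: SP 800-63A Identity Proofing and Enrollment - requirements for identity verification before issuing credentials. Three Identity Assurance Levels (IAL): IAL1 no identity proofing required, IAL2 remote or in-person proofing, IAL3 in-person proofing with physical verification. SP 800-63B Authentication and Lifecycle Management - requirements for authenticators. Three Authenticator Assurance Levels (AAL): AAL1 single-factor authentication, AAL2 two-factor authentication, AAL3 hardware-based authenticator with verifier impersonation resistance. Authenticator types include passwords, OTP devices, cryptographic authenticators, biometrics (as part of MFA). SP 800-63C Federation and Assertions - requirements for federated identity. Three Federation Assurance Levels (FAL). Key guidance: passwords should be at least 8 characters, no composition rules, check against breach lists, no periodic rotation requirements.`,
        category: "Identity",
        metadata: { standard: "SP 800-63", revision: "4" },
      },
      {
        id: "nist-800-61",
        title: "NIST SP 800-61: Computer Security Incident Handling Guide",
        url: "https://csrc.nist.gov/publications/detail/sp/800-61/rev-2/final",
        content: `NIST SP 800-61 provides guidelines for incident handling. Incident Response Lifecycle: 1. Preparation - establish incident response capability, implement preventive controls, acquire tools. 2. Detection and Analysis - identify incidents through monitoring, analyze to determine scope and impact, document and prioritize. 3. Containment, Eradication, and Recovery - contain to prevent spread, eradicate threat components, recover systems to normal operations. 4. Post-Incident Activity - lessons learned, evidence retention, using incident data for improvement. Key recommendations: Establish incident response team with clear roles. Create incident response plan and procedures. Establish communication plans including legal, PR, management. Practice with tabletop exercises and simulations. Maintain relationships with external parties (law enforcement, ISACs). Implement comprehensive logging. Attack vectors covered: external/removable media, attrition, web, email, impersonation, improper usage, loss/theft. Metrics for measuring IR capability effectiveness.`,
        category: "Incident Response",
        metadata: { standard: "SP 800-61", revision: "2" },
      },
      {
        id: "nist-800-82",
        title: "NIST SP 800-82: Guide to ICS Security",
        url: "https://csrc.nist.gov/publications/detail/sp/800-82/rev-3/final",
        content: `NIST SP 800-82 provides guidance for securing Industrial Control Systems (ICS) including SCADA, DCS, and PLCs. ICS security challenges: Legacy systems not designed for security, real-time requirements, safety implications, long system lifecycles. Key differences from IT: Availability is paramount, patching difficult due to real-time requirements, anti-malware may impact performance. Recommended security controls: Restrict logical access using DMZ between corporate and control networks. Restrict physical access to ICS network and devices. Protect individual ICS components from exploitation. Maintain functionality during adverse conditions. Implement defense-in-depth strategy. ICS-specific recommendations: Separate control network from enterprise network. Implement unidirectional gateways where appropriate. Use application whitelisting on HMI and engineering workstations. Implement secure remote access with MFA. Monitor network traffic for anomalies. Establish security policies for vendors and integrators. Conduct ICS-specific risk assessments.`,
        category: "ICS Security",
        metadata: { standard: "SP 800-82", revision: "3" },
      },
      {
        id: "nist-800-190",
        title: "NIST SP 800-190: Application Container Security Guide",
        url: "https://csrc.nist.gov/publications/detail/sp/800-190/final",
        content: `NIST SP 800-190 provides guidance on container security. Container risks include: Image risks - vulnerabilities in images, malware, embedded secrets, use of untrusted images. Registry risks - insecure connections, stale images, insufficient authentication. Orchestrator risks - unrestricted administrative access, unauthorized access, insecure inter-container network traffic, mixing workload sensitivity levels. Container risks - vulnerabilities in runtime, unbounded network access, insecure container runtime configurations, app vulnerabilities. Host OS risks - large attack surface, shared kernel, improper user access rights. Countermeasures: Image - use minimal base images, scan images, use signed images, run as non-root. Registry - use private registries with authentication, scan images in registry, implement image provenance. Orchestrator - use namespaces for isolation, implement network policies, use secrets management, enable audit logging. Container - use read-only filesystems, limit resources, drop capabilities. Host - use container-optimized OS, implement CIS benchmarks.`,
        category: "Container Security",
        metadata: { standard: "SP 800-190" },
      },
      {
        id: "nist-800-218",
        title: "NIST SP 800-218: Secure Software Development Framework (SSDF)",
        url: "https://csrc.nist.gov/publications/detail/sp/800-218/final",
        content: `NIST SP 800-218 Secure Software Development Framework (SSDF) provides practices for secure software development. Four practice groups: Prepare the Organization (PO) - define security requirements, implement supporting toolchains, define and document security checks. Protect the Software (PS) - protect code from unauthorized access and tampering, provide software integrity verification mechanism, archive and protect software releases. Produce Well-Secured Software (PW) - design software to meet security requirements, review designs for compliance, reuse secure components, create source code following secure practices, test code for vulnerabilities. Respond to Vulnerabilities (RV) - identify and confirm vulnerabilities, assess risk, remediate vulnerabilities. Key practices: Implement security-focused code review. Use automated SAST and DAST tools. Maintain software bill of materials (SBOM). Verify third-party component security. Implement secure build and deployment pipelines. Establish vulnerability disclosure program. Used as basis for software security attestation requirements.`,
        category: "Secure Development",
        metadata: { standard: "SP 800-218", framework: "SSDF" },
      },
    ];

    return entries.map(
      (entry): SecurityDocument => ({
        ...entry,
        source: "NIST",
        lastUpdated: fetchedAt,
      }),
    );
  }

  /**
   * Builds one document per CSF core Function.
   *
   * Kept `async` so a real remote lookup could be added later without touching
   * the call site; today nothing here touches the network, so there is nothing
   * to catch and no try/catch is needed.
   *
   * NOTE(review): the category codes below follow the CSF 1.1 layout (e.g.
   * ID.GV, PR.IP, DE.DP); CSF 2.0 reorganised several of them and added a
   * Govern Function that has no entry here — confirm against the 2.0 core.
   *
   * @param fetchedAt - Timestamp recorded as `lastUpdated` on every document.
   * @returns Identify, Protect, Detect, Respond and Recover, in that order.
   */
  private async buildCsfFunctionDocuments(fetchedAt: Date): Promise<SecurityDocument[]> {
    const csfFunctions = [
      {
        id: "csf-identify",
        title: "NIST CSF - Identify Function",
        content: `The Identify Function helps organizations understand their cybersecurity risk to systems, people, assets, data, and capabilities. Categories include: Asset Management (ID.AM), Business Environment (ID.BE), Governance (ID.GV), Risk Assessment (ID.RA), Risk Management Strategy (ID.RM), and Supply Chain Risk Management (ID.SC). Organizations should maintain asset inventories, understand business context, establish governance policies, conduct risk assessments, and manage supply chain risks.`,
      },
      {
        id: "csf-protect",
        title: "NIST CSF - Protect Function",
        content: `The Protect Function outlines safeguards for critical infrastructure services. Categories include: Identity Management and Access Control (PR.AC), Awareness and Training (PR.AT), Data Security (PR.DS), Information Protection Processes and Procedures (PR.IP), Maintenance (PR.MA), and Protective Technology (PR.PT). Implement least privilege, conduct security awareness training, encrypt data, establish security policies, maintain systems securely, and deploy protective technologies.`,
      },
      {
        id: "csf-detect",
        title: "NIST CSF - Detect Function",
        content: `The Detect Function defines activities to identify cybersecurity events. Categories include: Anomalies and Events (DE.AE), Security Continuous Monitoring (DE.CM), and Detection Processes (DE.DP). Establish baseline network operations, deploy intrusion detection systems, monitor logs, detect anomalies, conduct vulnerability scans, and maintain detection processes with defined roles and responsibilities.`,
      },
      {
        id: "csf-respond",
        title: "NIST CSF - Respond Function",
        content: `The Respond Function includes activities to take action on detected cybersecurity incidents. Categories include: Response Planning (RS.RP), Communications (RS.CO), Analysis (RS.AN), Mitigation (RS.MI), and Improvements (RS.IM). Develop incident response plans, establish communication procedures, analyze incidents, contain and mitigate threats, and improve response capabilities through lessons learned.`,
      },
      {
        id: "csf-recover",
        title: "NIST CSF - Recover Function",
        content: `The Recover Function identifies activities for resilience and restoration of capabilities or services impaired due to cybersecurity incidents. Categories include: Recovery Planning (RC.RP), Improvements (RC.IM), and Communications (RC.CO). Develop recovery plans, conduct backup and restoration procedures, coordinate with stakeholders, incorporate lessons learned, and update recovery strategies.`,
      },
    ];

    return csfFunctions.map(
      (fn): SecurityDocument => ({
        // Prefixed so these ids cannot collide with the publication ids above.
        id: `nist-${fn.id}`,
        source: "NIST",
        title: fn.title,
        url: "https://www.nist.gov/cyberframework",
        content: fn.content,
        category: "CSF Functions",
        lastUpdated: fetchedAt,
        metadata: { framework: "CSF" },
      }),
    );
  }
}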