remote-capable server

The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.

Integrations

Enables runtime security analysis of containers, including process behavior monitoring, baselines, and container inventory management.
Provides security insights for Kubernetes environments, including cluster inventory, container details, Kubernetes resource monitoring, and identifying security vulnerabilities in Kubernetes objects.
Required runtime environment for the MCP server, with version 20.x or higher needed for operation.

RAD Security MCP Server

A Model Context Protocol (MCP) server for RAD Security, providing AI-powered security insights for Kubernetes and cloud environments.

Installation

npm install @rad-security/mcp-server

Usage

Prerequisites

Node.js 20.x or higher

Environment Variables

The following environment are required required to use the MCP server with Rad Security:

RAD_SECURITY_ACCESS_KEY_ID="your_access_key"
RAD_SECURITY_SECRET_KEY="your_secret_key"
RAD_SECURITY_ACCOUNT_ID="your_account_id"

but you can also use few operations without authentication:

List CVEs
Get details of a specific CVE
Get latest 30 CVEs
List Kubernetes resource misconfiguration policies

In cursor IDE

It's quite problematic to set ENV variables in cursor IDE.

So, you can use the following start.sh script to start the server.

./start.sh

Please set the ENV variables in the start.sh script first!

In Claude Desktop

You can use the following config to start the server in Claude Desktop.

{
  "mcpServers": {
    "rad-security": {
      "command": "npx",
      "args": ["-y", "@rad-security/mcp-server"],
      "env": {
        "RAD_SECURITY_ACCESS_KEY_ID": "<your-access-key-id>",
        "RAD_SECURITY_SECRET_KEY": "<your-secret-key>",
        "RAD_SECURITY_ACCOUNT_ID": "<your-account-id>"
      }
    }
  }

As a Docker Container - with SSE

docker build -t rad-security/mcp-server .
docker run \
  -e TRANSPORT_TYPE=sse \
  -e RAD_SECURITY_ACCESS_KEY_ID=your_access_key \
  -e RAD_SECURITY_SECRET_KEY=your_secret_key \
  -e RAD_SECURITY_ACCOUNT_ID=your_account_id \
  -p 3000:3000 \
  rad-security/mcp-server

Features

Account Inventory
- List clusters and their details*
Containers Inventory
- List containers and their details*
Security Findings
- List and analyze security findings*
Runtime Security
- Get process trees of running containers*
- Get runtime baselines of running containers*
- Analyze process behavior of running containers*
Network Security
- Monitor HTTP requests*
- Track network connections*
- Analyze network patterns*
Identity and Access
- List identities*
- Get identity details*
Audit
- List who shelled into a pod*
Cloud Security
- List and monitor cloud resources*
- Get resource details and compliance status*
Images
- Get SBOMs*
- List images and their vulnerabilities*
- Get top vulnerable images*
Kubernetes Objects
- Get details of a specific Kubernetes resource*
- List Kubernetes resources*
- List Kubernetes resource misconfiguration policies*
Threat Vector
- List threat vectors*
- Get details of a specific threat vector*
CVEs
- List CVEs
- Get details of a specific CVE
- Get latest 30 CVEs

* - requires authentication and account in Rad Security.

Development

# Install dependencies
npm install

# Run type checking
npm run type-check

# Run linter
npm run lint

# Build
npm run build

License

MIT License - see the LICENSE file for details

This server cannot be installed

-

security - not tested

A

license - permissive license

-

quality - not tested

CP server for RAD Security, providing AI-powered security insights for Kubernetes and cloud environments. This server provides tools for querying the Rad Security API and retrieving security findings, reports, runtime data and many more.