Picus Security MCP Server
Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| PICUS_API_BASE | No | API base URL (default: https://api.picussecurity.com/v1) | https://api.picussecurity.com/v1 |
| PICUS_REFRESH_TOKEN | Yes | Picus REST API refresh token (required) | |
| PICUS_REQUEST_TIMEOUT | No | Per-request timeout in seconds (default: 30) | 30 |
| PICUS_ENABLE_WRITE_TOOLS | No | Set to 'true' to enable write tools (default: false) | false |
| PICUS_TOKEN_LEEWAY_SECONDS | No | Refresh access token this many seconds before expiry (default: 120) | 120 |
Capabilities
Features and capabilities supported by this server
| Capability | Details |
|---|---|
| tools | {
"listChanged": false
} |
| prompts | {
"listChanged": false
} |
| resources | {
"subscribe": false,
"listChanged": false
} |
| experimental | {} |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| picus_list_simulationsA | List simulations with overview data and latest prevention/detection scores. Paginated via limit (default 25, max 50) and offset. Filters:
Response includes a |
| picus_get_simulationA | Get full detail for one simulation, including its run list. The |
| picus_get_run_resultA | Get prevention + detection results for a specific simulation run. Returns security scores plus threat counts (blocked/not_blocked/
not_tested) and attacker-objective counts. Note the API spells two fields
|
| picus_get_latest_run_resultA | Get prevention + detection results for a simulation's most recent run. Same shape as picus_get_run_result. Convenient when you don't have a specific run id. |
| picus_get_run_threatsA | List a run's results broken down by threat -> objective -> action. Each threat and action carries a prevention status (e.g. blocked /
unblocked / achieved) and detection analysis (log_result / alert_result
per integration). Paginated via limit (default 10, max 50) and offset;
response includes a |
| picus_get_action_alertsA | List alerts raised by a SIEM/EDR integration for one action (latest run). Path is scoped to the latest run. Returns alerts with name, source, log_type, and time (epoch milliseconds). Paginated via limit (default 100, max 1000) and offset. node_id disambiguates an action used multiple times within a threat; if omitted, the first node is used. Alerts only appear when the simulation is enriched with an integration that has alert analysis enabled. |
| picus_get_run_frameworksB | Get a run's results mapped to MITRE ATT&CK and Unified Kill Chain. Returns the framework-mapped prevention/detection view for the given run. (The exact response schema is not published in the Picus static docs; the raw API payload is returned as-is.) |
| picus_get_latest_run_frameworksB | Get the latest run's MITRE ATT&CK / Unified Kill Chain framework mapping. Same as picus_get_run_frameworks but for the most recent run. Raw API payload is returned as-is. |
| picus_search_threatsA | Search the Picus Threat Library with rich filters. Filters (all optional): severities (Low/Medium/High), attack_category_ids,
attack_module_ids, release_date_gte/lte (epoch), is_predefined,
affected_products, affected_os (Windows/Linux/macOS), unified_kill_chains,
threat_actors, mitre_attack (tactics), attacker_objectives. Paginated via
limit/offset; response includes a Array filters are sent comma-separated. Each threat includes framework mappings and its objective/action flows. |
| picus_get_threatA | Get full detail for a single threat from the Threat Library. Includes description, severity, affected OS/products, applicable agent types, threat actors, framework mappings (MITRE ATT&CK / Unified Kill Chain), and the objective -> action flows. |
| picus_get_threat_actionA | Get full detail for a single action from the Threat Library. Includes affected platforms, attack category/module, framework mappings (frameworks.mitre / frameworks.ukc), module-based process details, and keyword queries. created_at/updated_at/release_date are epoch milliseconds. |
| picus_list_threat_actionsA | List Threat Library actions with light metadata (id, name, updated_at). NOTE: this endpoint is served under /v2. Paginated via limit (default 100,
max 100) and offset; filter by updated_at_gte/lte (epoch). Response
includes a |
| picus_list_threat_actorsA | List all threat actors in the Threat Library (id, name, aka aliases). |
| picus_list_templatesA | List threat templates (dynamic and static). Filters: category_name (e.g. "My Templates", "Emerging Threats", "Suggested by Picus Labs") and content_type ("dynamic" for rule-based or "static" for threat-list-based). Paginated via limit/offset. Each template reports threat_count, agent_types, and content_updated_at (epoch ms). |
| picus_get_templateA | Get full detail for one threat template. Static templates return their |
| picus_list_agentsA | List all Picus simulation agents (peers). Returns each agent's id, name, status (alive/dead), type, version, platform, and created_at (epoch milliseconds). Use an agent id with picus_get_agent for full detail, or when creating a simulation. |
| picus_get_agentA | Get detailed configuration for one simulation agent by id. Includes IP/NAT IP, whether an update is needed, and the attack modules enabled for the agent. created_at is epoch milliseconds. |
| picus_list_integrationsA | List SIEM/EDR integrations with health status. Each integration reports id, name, type (SIEM/EDR), health_status (healthy flag plus an error object when unhealthy), and the connected integration agent. Timestamps are epoch milliseconds. |
| picus_list_integration_agentsA | List integration agents (the collectors that connect Picus to SIEM/EDR). Reports id, name, status (Alive/Dead), whether installed, and whether the agent token has expired. Timestamps are epoch milliseconds. |
| picus_list_mitigation_devicesA | List vendor-based mitigation devices (device_id, device_name). Served under /v2. Use a device_id with picus_get_mitigation_device_stats or picus_get_device_signatures. |
| picus_get_mitigation_device_statsA | Get effectiveness stats for one mitigation device. Returns blocked_count, not_blocked_count, total_count, and an
effectiveness |
| picus_get_device_signaturesA | Get vendor prevention signature suggestions for a device and actions. action_ids is REQUIRED (max 10 ids). Returns signatures with signature_id, name, vendor_severity, product_platform/version, etc. — the vendor signatures that mitigate the given actions on this device. |
| picus_list_not_blocked_actionsA | List not-blocked actions with generic mitigation suggestions. Returns each not-blocked action with its associated signature_names and
signature_descriptions (generic, non-device-specific recommendations).
Filters: threat_or_action_name (substring), threat_ids, threat_severities,
attack_modules, assessment_id_list, is_all_assessments, run_id. Paginated
via limit/offset; response includes a |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/BeardedInfoSec/picus-security-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server