Skip to main content
Glama

rocketcyber-mcp

MCP (Model Context Protocol) server for the RocketCyber Managed SOC platform. Provides read-only access to RocketCyber security data through 10 tools and 3 resources.

Features

  • 10 read-only tools covering all RocketCyber API resources

  • 3 MCP resources for quick data access

  • Dual transport: stdio (default) and HTTP Streamable

  • Lazy SDK initialization on first tool call

  • Winston logger with all output routed to stderr

  • Connection test tool for validating credentials

Related MCP server: datto-bcdr-mcp

One-Click Deployment

IMPORTANT

Before you click: this server depends on @wyre-technology/node-rocketcyber, which is hosted on the GitHub Packages npm registry. GitHub Packages has no anonymous access — even though the package is public, every npm install needs a token. The cloud builder runs npm install for you, so you must give it one, or the build fails with npm error 401 Unauthorized ... npm.pkg.github.com.

  1. Create a GitHub Personal Access Token with the read:packages scope (classic token). Any GitHub account works — you do not need to be a member of the wyre-technology org to read its public packages.

  2. Add it as a build variable when prompted by the deploy flow:

    • Cloudflare Workers → set a build variable named NODE_AUTH_TOKEN to your PAT (Workers → Settings → Build → Variables and Secrets).

    • DigitalOcean App Platform → set an encrypted env var named GITHUB_TOKEN with scope Build Time to your PAT (the Dockerfile reads it for the install).

Deploy to DO

Deploy to Cloudflare Workers

Installation

This project depends on @wyre-technology/node-rocketcyber, published to the GitHub Packages npm registry, which requires a token even for public packages. Authenticate once, then install:

# Authenticate npm to GitHub Packages (token needs the read:packages scope)
export NODE_AUTH_TOKEN=$(gh auth token)   # or a PAT with read:packages

npm install
npm run build

The repo's .npmrc already points the @wyre-technology scope at GitHub Packages and reads the token from NODE_AUTH_TOKEN, so no further config is needed.

Configuration

Environment Variable

Required

Default

Description

ROCKETCYBER_API_KEY

Yes

-

RocketCyber API key

ROCKETCYBER_REGION

No

us

API region: us or eu

MCP_TRANSPORT

No

stdio

Transport type: stdio or http

MCP_HTTP_PORT

No

8080

HTTP port (when using http transport)

MCP_HTTP_HOST

No

0.0.0.0

HTTP host (when using http transport)

LOG_LEVEL

No

info

Log level: error, warn, info, debug

LOG_FORMAT

No

simple

Log format: json or simple

Usage

Claude Desktop (stdio)

Add to your Claude Desktop configuration (claude_desktop_config.json):

{
  "mcpServers": {
    "rocketcyber": {
      "command": "node",
      "args": ["/path/to/rocketcyber-mcp/dist/entry.js"],
      "env": {
        "ROCKETCYBER_API_KEY": "your-api-key"
      }
    }
  }
}

HTTP Transport

ROCKETCYBER_API_KEY=your-api-key MCP_TRANSPORT=http npm start

Tools

Tool

Description

rocketcyber_test_connection

Test the connection to RocketCyber API

rocketcyber_get_account

Get account information

rocketcyber_list_agents

List monitored agents/endpoints

rocketcyber_list_incidents

List security incidents

rocketcyber_list_events

List security events

rocketcyber_get_event_summary

Get event summary/statistics

rocketcyber_list_firewalls

List firewall devices

rocketcyber_list_apps

List managed apps

rocketcyber_get_defender

Get Windows Defender status

rocketcyber_get_office

Get Office 365 status

Resources

URI

Description

rocketcyber://account

Account information

rocketcyber://incidents

Security incidents

rocketcyber://agents

Monitored agents/endpoints

Development

# Install dependencies
npm install

# Run in development mode
npm run dev

# Build
npm run build

# Start production server
npm start

License

Apache-2.0

A
license - permissive license
-
quality - not tested
A
maintenance

Maintenance

Maintainers
Response time
6dRelease cycle
20Releases (12mo)
Commit activity

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/wyre-technology/rocketcyber-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server