NodeZero® MCP Server
The NodeZero MCP (Model Context Protocol) Server acts as a natural language bridge between your LLMs and the NodeZero API, enabling AI agents to directly integrate real-world pentesting capabilities into agentic workflows. By securely exposing NodeZero’s operations to LLMs, the MCP Server empowers your AI to: understand offensive security context, prioritize risk based on exploit-driven data unique to your organization, and execute pentesting operation types (op types) as part of autonomous Find, Fix, Verify (FFV) cycles.
Using MCP Server
Use the MCP Server to integrate generative artificial intelligence in your NodeZero workflows:
- Use natural language with your LLM or AI agent to query via the NodeZero API for your organization's asset, vulnerability, and exposure context.
- AI drives remediation or incident response workflows using organization-specific, exploit-driven prioritization.
- Launch and manage pentests directly from your LLM without using the NodeZero Portal.
- Feed offensive security intelligence into agentic workflows for rapid verification and risk reduction.
- Simulate attacker behavior for exposure mapping, attack path visualization, or “what-if” security exercises while understanding risk in layman's terms.
- Enable LLM-powered security orchestration that automates portions of Find, Fix, Verify (FFV) driven through real exploitability context.
- Tailor system prompts to your specific use cases to improve response accuracy and reduce token usage.
Next Steps
Review the differences, and then choose either a locally-hosted MCP server or the Horizon3.ai-hosted MCP Server for use with your IDE or other AI client and your LLM models.
Feature | Horizon3.ai-hosted MCP Server | Locally hosted MCP Server |
---|---|---|
Authentication | OAuth 2.1 | Self generated Portal API Key (stored locally) |
User Mode | Multi-user supported | Single only |
Deployment | Simple | Requires configuration |
Transport protocol default | Streamable HTTP | stdio recommended |
Infrastructure | Maintained by H3 | Self hosted & maintained |
Customizability | Prompts and Agents by H3 | Highly customizable |