Skip to content

NodeZero® MCP Server

The NodeZero MCP (Model Context Protocol) Server acts as a natural language bridge between your LLMs and the NodeZero API, enabling AI agents to directly integrate real-world pentesting capabilities into agentic workflows. By securely exposing NodeZero’s operations to LLMs, the MCP Server empowers your AI to: understand offensive security context, prioritize risk based on exploit-driven data unique to your organization, and execute pentesting operation types (op types) as part of autonomous Find, Fix, Verify (FFV) cycles.

Using MCP Server

Use the MCP Server to integrate generative artificial intelligence in your NodeZero workflows:

  • Use natural language with your LLM or AI agent to query via the NodeZero API for your organization's asset, vulnerability, and exposure context.
  • AI drives remediation or incident response workflows using organization-specific, exploit-driven prioritization.
  • Launch and manage pentests directly from your LLM without using the NodeZero Portal.
  • Feed offensive security intelligence into agentic workflows for rapid verification and risk reduction.
  • Simulate attacker behavior for exposure mapping, attack path visualization, or “what-if” security exercises while understanding risk in layman's terms.
  • Enable LLM-powered security orchestration that automates portions of Find, Fix, Verify (FFV) driven through real exploitability context.
  • Tailor system prompts to your specific use cases to improve response accuracy and reduce token usage.

Next Steps

Review the differences, and then choose either a locally-hosted MCP server or the Horizon3.ai-hosted MCP Server for use with your IDE or other AI client and your LLM models.

Feature Horizon3.ai-hosted MCP Server Locally hosted MCP Server
Authentication OAuth 2.1 Self generated Portal API Key (stored locally)
User Mode Multi-user supported Single only
Deployment Simple Requires configuration
Transport protocol default Streamable HTTP stdio recommended
Infrastructure Maintained by H3 Self hosted & maintained
Customizability Prompts and Agents by H3 Highly customizable