# MCP Server

## Overview

The Panther [Model Context Protocol (MCP)](https://modelcontextprotocol.io/introduction) server enables natural language interactions with Panther in your MCP [client](https://modelcontextprotocol.io/clients) of choice. Whether you're an analyst investigating alerts, a detection engineer writing rules in [Cursor](https://www.cursor.com/en), or a CISO seeking metrics and quick insights, the MCP server lets you work with the [Panther API](https://docs.panther.com/panther-developer-workflows/api) using conversational AI.

The Panther MCP server broadens Panther access across your organization: a user can write a rule without knowing how to program in Python, or search data without knowing a query language like SQL or PantherFlow.

For example, you can use the Panther MCP server for:

* **Detection engineering**: Generate rules based on real logs in your data lake, using clients like Cursor.
  * In Cursor, "Create a rule to monitor when AWS admins are created in account 333333444444"
* **Alert triage**: Review and correlate many alerts generated within a given time period.
  * In Claude for Desktop, "Show me all medium+ alerts from the last 24 hours grouped by IP"
* **Threat investigation**: Query your security logs and investigate anomalies.
  * In Claude for Desktop, "Query AWS CloudTrail logs for failed login attempts in the last day."
* **Panther operations**: Expedite the resolution of operational issues end-to-end, such as [rule errors](https://docs.panther.com/detections/rules#rule-errors-and-scheduled-rule-errors) or [system errors](https://docs.panther.com/system-configuration/notifications/system-errors).
  * In Claude for Desktop, "Generate a report of our top 10 rules by alert volume this month"

The Panther MCP server includes tools for working with a number of entities, like alerts, data, rules, data models, schemas, metrics, and Panther users. Learn more about these tools in the [Available Tools section in the `mcp-panther` repository's README](https://github.com/panther-labs/mcp-panther?tab=readme-ov-file#available-tools).

The Panther MCP server is open-source—see the [contribution guidelines here](https://github.com/panther-labs/mcp-panther/blob/main/CONTRIBUTING.md). If you find a bug in the MCP server or need extra support while using it, please [create an issue in the repository](https://docs.github.com/en/issues/tracking-your-work-with-issues/using-issues/creating-an-issue).

{% hint style="info" %}
Use of Panther MCP features is subject to the [AI disclaimer found on the Legal page](https://docs.panther.com/resources/help/legal#ai-disclaimer).
{% endhint %}

## Using the MCP workflow

1. Install the MCP server in your client of choice (e.g., Claude for Desktop).
   * You can install the Panther MCP server locally using `docker` or `uvx`. For full instructions, see the [MCP Server Installation section of the README](https://github.com/panther-labs/mcp-panther?tab=readme-ov-file#mcp-server-installation).
2. Ask a Panther-relevant question or provide a prompt (e.g., "Write a detection for suspicious S3 bucket access").
3. Your client uses `mcp-panther`'s [tools](https://github.com/panther-labs/mcp-panther?tab=readme-ov-file#available-tools) to interact with [Panther's APIs](https://docs.panther.com/panther-developer-workflows/api) and gather necessary data.
4. Your client uses the response from `mcp-panther` to answer your question or execute the action you requested.
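The following script is an added example of step 1, not code from the Panther docs or the `mcp-panther` repository. It builds the `mcpServers` entry that launches the server with `uvx`, takes the instance URL and API token from the environment rather than hardcoding them in a file you might commit, refuses a non-https URL or an empty token, and writes the client config with owner-only (0600) permissions because that file holds the token in plaintext. The environment variable names `PANTHER_INSTANCE_URL` and `PANTHER_API_TOKEN`, the server name `mcp-panther`, and the `uvx mcp-panther` command are assumptions to verify against the repository README; the config file path and the sample values are constructed.

```python
"""Generate an MCP client config entry for mcp-panther without hardcoding the token.

Added example; not code from the Panther docs or the mcp-panther repository.
"""
import json
import os
import sys
from urllib.parse import urlparse

# Assumption (verify against the mcp-panther README): the server reads its
# Panther endpoint and API token from these environment variables, and the
# uvx package/server name is "mcp-panther".
INSTANCE_URL_VAR = "PANTHER_INSTANCE_URL"
API_TOKEN_VAR = "PANTHER_API_TOKEN"
SERVER_NAME = "mcp-panther"


def config_problems(instance_url: str, api_token: str) -> list:
    """Return a list of reasons the settings are unsafe; empty means acceptable."""
    problems = []
    parsed = urlparse(instance_url)
    if parsed.scheme != "https":
        problems.append(f"{INSTANCE_URL_VAR} must use https://")
    if not parsed.netloc:
        problems.append(f"{INSTANCE_URL_VAR} has no host")
    if not api_token.strip():
        problems.append(f"{API_TOKEN_VAR} is empty")
    return problems


def build_server_entry(instance_url: str, api_token: str) -> dict:
    """Return the 'mcpServers' entry that launches the server with uvx.

    Fails closed on any problem so a bad setting is caught before the
    client ever starts the server.
    """
    problems = config_problems(instance_url, api_token)
    if problems:
        raise ValueError("; ".join(problems))
    return {
        SERVER_NAME: {
            "command": "uvx",
            "args": [SERVER_NAME],
            "env": {INSTANCE_URL_VAR: instance_url, API_TOKEN_VAR: api_token},
        }
    }


def merge_server_entry(existing: dict, entry: dict) -> dict:
    """Add or replace the mcp-panther entry, leaving other MCP servers untouched."""
    merged = dict(existing)
    servers = dict(merged.get("mcpServers", {}))
    servers.update(entry)
    merged["mcpServers"] = servers
    return merged


def read_config(path: str) -> dict:
    """Load an existing client config, treating a missing file as empty."""
    if not os.path.exists(path):
        return {}
    with open(path) as fh:
        return json.load(fh)


def write_config(path: str, config: dict) -> int:
    """Write the config owner-read/write only, since it contains the API token.

    Returns the permission bits of the written file so callers can verify them.
    """
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as fh:
        json.dump(config, fh, indent=2)
    # O_CREAT's mode only applies to new files; tighten a pre-existing one too.
    os.chmod(path, 0o600)
    return os.stat(path).st_mode & 0o777


if __name__ == "__main__":
    # Usage: PANTHER_INSTANCE_URL=https://... PANTHER_API_TOKEN=... python add_panther_mcp.py <client-config.json>
    if len(sys.argv) != 2:
        sys.exit(f"usage: {sys.argv[0]} <mcp-client-config.json>")
    try:
        entry = build_server_entry(
            os.environ.get(INSTANCE_URL_VAR, ""), os.environ.get(API_TOKEN_VAR, "")
        )
    except ValueError as exc:
        sys.exit(f"refusing to write config: {exc}")
    path = sys.argv[1]
    mode = write_config(path, merge_server_entry(read_config(path), entry))
    print(f"wrote {path} with mode {mode:o}")
```

Mint the token used here with the read-only permission set from the MCP Server Permissions Guide below unless a workflow genuinely needs write actions; the server can do everything the token can do.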

## Securing your MCP server

To safely use the Panther MCP server, it's strongly recommended to follow the guidelines in the [Security Best Practices section in the mcp-panther repository's README](https://github.com/panther-labs/mcp-panther?tab=readme-ov-file#security-best-practices). In particular, the server can do anything the API token it is configured with can do, so create a dedicated token scoped to the lowest access level that fits your use case (see the MCP Server Permissions Guide below) rather than reusing a broadly permissioned token.

## The Panther MCP server vs. Panther AI

The Panther MCP server and [Panther AI](https://docs.panther.com/ai) both allow you to interact with your Panther instance with AI using free-form prompts, but there are a few key differences:

<table><thead><tr><th width="205.68743896484375"></th><th>Panther MCP server</th><th width="254.5789794921875">Panther AI</th></tr></thead><tbody><tr><td><strong>Primary use case</strong></td><td>Detection engineering, cross-tool workflows, ad-hoc investigations, custom internal agent creation</td><td>Guided alert triage and incident response</td></tr><tr><td><strong>Access method</strong></td><td><a href="https://modelcontextprotocol.io/clients">MCP clients</a> like Cursor, Claude for Desktop, and Goose</td><td>Panther Console (and API, for <a href="../system-configuration/panther-deployment-types/cloud-connected">Cloud Connected</a> customers)</td></tr><tr><td><strong>Integration capability</strong></td><td>Works alongside other <a href="https://github.com/modelcontextprotocol/servers">MCP servers</a> (e.g., GitHub, Slack, or Notion)</td><td>Panther-specific workflows only</td></tr><tr><td><strong>Best for</strong></td><td>Complex, exploratory tasks requiring flexibility across Panther</td><td>Repeatable, consistent security operations workflows</td></tr><tr><td><strong>AI model</strong></td><td>Uses your MCP client's chosen model (e.g., GPT-4, Claude, or Llama 4)</td><td>Powered by <a href="https://www.anthropic.com/claude">Claude AI models by Anthropic</a> through <a href="https://aws.amazon.com/bedrock/">Amazon Bedrock</a></td></tr></tbody></table>

## MCP Server Permissions Guide

<table><thead><tr><th width="310.76171875">Access Level</th><th>API Token Permissions</th><th data-hidden></th></tr></thead><tbody><tr><td>Read-only (minimum recommended)</td><td><code>Read Alerts</code>, <code>View Rules</code>, <code>View Policies</code>, <code>Query Data Lake</code>, <code>View Log Sources</code>, <code>Read Panther Metrics</code>, <code>Read User Info</code>, <code>Read API Token Info</code></td><td></td></tr><tr><td>Write Actions</td><td><code>Manage Alerts</code>, <code>Manage Rules</code>, and/or <code>Manage Policies</code></td><td></td></tr><tr><td>AI Triage</td><td><code>Run Panther AI</code></td><td></td></tr></tbody></table>
