MCP-Defender
Execute KQL queries against Microsoft Defender Advanced Hunting via natural language.
MCP Defender is designed to protect AI applications like Cursor, Claude, Visual Studio Code, and Windsurf from various attacks by automatically intercepting and analyzing MCP tool call requests and responses. The app proxies all traffic through its system, checking the intercepted data against a comprehensive set of signatures to identify harmful activity. When potential threats are detected, MCP Defender alerts users and provides options to either allow or block the tool call, ensuring that users maintain control over their application's security. This proactive approach to security helps safeguard sensitive data and enhances the overall safety of using AI tools.
Compatible with
Install
Claude Desktop
Add to your claude_desktop_config.json:
{
"mcpServers": {
"mcp-defender": {
"args": [
"mcp-defender"
],
"command": "uvx"
}
}
}Config File Location
Mac: ~/Library/Application Support/Claude/claude_desktop_config.json
Windows: %APPDATA%\Claude\claude_desktop_config.json
Linux: ~/.config/claude/claude_desktop_config.json
Some servers require additional setup - check the GitHub README for specific instructions.
Permissions