mcp-server-wazuh (gbrigandi)
Rust-based MCP server bridging Wazuh SIEM to Claude Desktop for contextual security data.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for mcp-server-wazuh (gbrigandi), derived from its capabilities.
AIVSS 8.0 · High
Overview
mcp-server-wazuh is a Rust implementation that bridges Wazuh SIEM to MCP clients, tailored for Claude Desktop, exposing Wazuh's security context (alerts, agents, rules) to an LLM. It is a lightweight, performance-oriented alternative for surfacing SIEM data conversationally. Querying live SIEM data means it inherits the sensitivity and data-egress considerations of any SIEM integration.
Key features
- Rust implementation
- Wazuh alerts and context to LLM
- Claude Desktop focused
Use cases
- Surface Wazuh alerts to an agent
- Contextualize SIEM data during investigation