mcp-panther and Wazuh-MCP-Server
The two tools are complements. Wazuh-MCP-Server provides an AI-powered security operations layer for Wazuh SIEM that any MCP-compatible client can query. panther-labs/mcp-panther offers a platform to write detections, investigate alerts, and query logs using AI agents, which implies it could be an MCP-compatible client or integrate with such systems.
About mcp-panther
panther-labs/mcp-panther
Write detections, investigate alerts, and query logs from your favorite AI agents
This tool helps security analysts manage their Panther security platform using natural language. You can query security logs, investigate alerts, and adjust detection rules by simply typing your requests. It takes your natural language commands and provides insights into security events, alert statuses, and system configurations.
About Wazuh-MCP-Server
gensecaihq/Wazuh-MCP-Server
AI-powered security operations for Wazuh SIEM—use any MCP-compatible client to ask security questions in plain English. Faster threat detection, incident triage, and compliance checks with real-time monitoring and anomaly spotting. Production-ready MCP server for conversational SOC workflows.
This project helps security operations teams manage their Wazuh SIEM more efficiently. It allows security analysts to ask plain English questions about alerts, threats, and vulnerabilities, and receive actionable responses. By connecting to any AI assistant, security teams can investigate security events, hunt for threats, and perform incident response actions using natural language.
Scores updated daily from GitHub, PyPI, and npm data.