Microsoft Sentinel MCP Server

MCP server for Microsoft Sentinel. Enables access to Sentinel logs, incidents, analytics, and Entra ID data via a modular, queryable interface. Strictly non-production. Designed for use with Claude and other LLMs.

→ dstreefkerk/ms-sentinel-mcp-server · listed on mcp_so

Install from

mcp.so

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings

✅

No credential exfiltration, no sensitive file access, no obfuscation

Static analysis found nothing flowing your secrets to unexpected places.

✅

Open source with a license and README

Anyone can audit the code, the license is declared, and the publisher documents what it does.

// full audit trail

The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.

// improvement guidance — verified publishers only

We have 1 concrete improvement we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.

// embed badge in your README

[![M8ven Score](https://m8ven.ai/badge/mcp/dstreefkerk-ms-sentinel-mcp-server-169cri)](https://m8ven.ai/mcp/dstreefkerk-ms-sentinel-mcp-server-169cri)

commit: 122dd210fe8dc543e25dbb8b12934f60240d6f56

code hash: 4c67874b79edfe3fcceb51dea075d379032ed8c2fa7b87632b24e9cbe64fe8cc

verified: 4/18/2026, 5:56:34 PM

view raw JSON →