Skip to content

AQtive Guard MCP server

The AQtive Guard (AQG) Model Context Protocol (MCP) server is an AI gateway to your security data in AQG. By implementing MCP, an emerging industry standard for AI integration, it enables you to connect AI-powered clients—such as Claude Desktop, Gemini CLI, or VS Code—to your AQtive Guard instance. This provides a standardized and powerful way to access and navigate your cryptographic and Non-Human Identity (NHI) data in your agentic workflows.

The server provides a set of tools, or functions, that you can use in two ways:

  • Conversational queries: You can ask an AI client questions or make requests in natural language to explore your data interactively. For example, Show me all expired certificates on production servers.
  • Automated workflows: Your scripts or AI agents can call these same tools directly to build automations. This enables you to create powerful workflows, such as an agent that checks for high-risk vulnerabilities daily and then creates a remediation ticket.

This approach gives you a flexible and structured way to access, analyze, and act on your AQtive Guard security data through AI. Refer to the MCP getting started guide to learn how.

Caution

Your cryptographic and NHI data is highly sensitive. We strongly recommend that you connect the MCP server only to AI clients that use enterprise-grade, private, or self-hosted AI models. Do not share your queries or the data returned from your AQtive Guard instance with public-facing AI services.

Example prompts

This section provides example prompts for interacting with the AQG MCP server. These examples demonstrate common queries and commands you can use as a starting point to explore your cryptographic and NHI data.

Tip

You can adapt these questions to fit your specific needs, as most AI clients can understand natural variations of these phrases. Remember to replace placeholders like {ASSET_NAME} or {ID} with actual data from your environment.

Dashboard and overview

Request high-level summaries of your overall security posture and scan activity.

  • Get a dashboard summary: Give me a summary of the AQtive Guard dashboard.
  • Count total assets: Tell me how many assets have been analyzed by AQtive Guard.

Asset inventory

Discover and list the assets monitored by AQtive Guard.

  • List all assets: Tell me which assets I have in AQtive Guard. Summarize the results in a table.
  • Find the newest asset: Tell me what the most recently scanned asset is.

Vulnerability and risk assessment

Identify and investigate specific security issues and risks.

  • Find top issues: Give me the top 3 security issues that have been detected by AQtive Guard.
  • Get issues for a specific asset: Tell me which are the most important security issues for the asset named {ASSET_NAME}.
  • Find high-risk certificates: Show me which certificates in AQtive Guard have high-risk issues assigned. Limit the result to the first 10 certificates you get.
  • Correlate objects to an issue: Where can I find the keys affected by issue {ISSUE_ID}? Specify the asset names.

Cryptographic object details

Locate and inspect specific cryptographic objects, like keys and certificates.

  • Get certificate details: Show me the certificate with ID {ID}.
  • Find a key’s location: Tell me the location of the key with ID {ID}. Specify the asset name.
  • List certificates on an endpoint: Tell me which certificates are on the endpoint {HOST_NAME}.

TLS configuration status

Check the security of your TLS configurations and handshakes.

  • Check TLS configuration: Show me the status of TLS configurations.
  • Review TLS handshakes: Show me the detected TLS handshakes.