From e79104f9951726e631d0aa194e94622b941a49e5 Mon Sep 17 00:00:00 2001 From: Artem Derevnjuk Date: Mon, 5 Jan 2026 17:34:11 +0400 Subject: [PATCH 1/2] Add Bright Security MCP server --- .../servers/bright-security-mcp-server.json | 75 +++++++++++++++++++ 1 file changed, 75 insertions(+) create mode 100644 partners/servers/bright-security-mcp-server.json diff --git a/partners/servers/bright-security-mcp-server.json b/partners/servers/bright-security-mcp-server.json new file mode 100644 index 0000000..d5af142 --- /dev/null +++ b/partners/servers/bright-security-mcp-server.json @@ -0,0 +1,75 @@ +{ + "name": "bright-security-mcp-server", + "title": "Bright Security", + "summary": "Enables AI agents to access Bright Security tools for app discovery and security testing.", + "description": "Bright Security MCP server enables AI agents to access Bright Security tools for application discovery and security testing. It provides seamless integration with Bright Security's platform to help developers and security teams identify vulnerabilities, perform automated security scans, and enhance application security workflows.", + "kind": "mcp", + "packages": [], + "icon": "https://avatars.githubusercontent.com/NeuraLegion?s=64", + "useCases": [ + { + "name": "API Endpoint Discovery", + "description": "Discover API endpoints automatically using web crawling or by uploading OpenAPI/Swagger API definitions." + }, + { + "name": "Automated Security Scanning", + "description": "Run comprehensive security scans against discovered entrypoints to detect vulnerabilities like SQL injection, XSS, and other OWASP Top 10 issues." + }, + { + "name": "Private Application Testing", + "description": "Set up repeaters to enable security testing of private, internal, or locally-hosted applications that are not publicly accessible." + }, + { + "name": "Vulnerability Assessment", + "description": "Review and analyze security issues found during scans, including severity levels and remediation guidance." + }, + { + "name": "Attack Surface Management", + "description": "Manage and organize entrypoints across projects to understand and monitor your application's attack surface." + }, + { + "name": "Authenticated Endpoint Testing", + "description": "Configure authentication settings to test protected endpoints that require authorization." + }, + { + "name": "CI/CD Security Integration", + "description": "Monitor scan progress and results programmatically to integrate security testing into development workflows." + } + ], + "tags": [ + "security", + "vulnerability", + "appsec", + "dast", + "api-security", + "owasp", + "ai-security" + ], + "vendor": "Partner", + "visibility": "true", + "categories": "Security", + "versionName": "Original", + "version": "1.0.0", + "remote": "https://{instance}.brightsec.com/mcp", + "remoteType": "streamable-http", + "externalDocumentation": { + "title": "Bright Security MCP Documentation", + "url": "https://docs.brightsec.com" + }, + "securitySchemes": { + "apiKeyAuth": { + "type": "apiKey", + "description": "Bright Security API key for authentication prefixed by 'Api-Key '", + "in": "header", + "name": "Authorization" + } + }, + "license": { + "name": "Proprietary", + "url": "https://brightsec.com/terms-of-use" + }, + "supportContactInfo": { + "name": "Bright Security Support", + "email": "support@brightsec.com" + } +} From 969282e959aa7a9f30f6da7dde7c662e8d2301d7 Mon Sep 17 00:00:00 2001 From: Artem Derevnjuk Date: Tue, 6 Jan 2026 21:39:41 +0400 Subject: [PATCH 2/2] Remove version field from Bright Security MCP --- partners/servers/bright-security-mcp-server.json | 1 - 1 file changed, 1 deletion(-) diff --git a/partners/servers/bright-security-mcp-server.json b/partners/servers/bright-security-mcp-server.json index d5af142..63e1504 100644 --- a/partners/servers/bright-security-mcp-server.json +++ b/partners/servers/bright-security-mcp-server.json @@ -49,7 +49,6 @@ "visibility": "true", "categories": "Security", "versionName": "Original", - "version": "1.0.0", "remote": "https://{instance}.brightsec.com/mcp", "remoteType": "streamable-http", "externalDocumentation": {