Lenny Zeltser packaged his incident response writing expertise into an MCP server that Claude and other AI tools can query on demand. Point your assistant at the remote endpoint and it gains access to IR report templates, scoring rubrics for executive summaries, and guidance on framing findings without blame. The server exposes operations for generating draft reports from raw notes, providing constructive feedback on existing content, and surfacing Zeltser's published security articles. Your incident data stays local since the server only returns writing principles, not processing content. It handles ransomware versus BEC scenarios differently and knows how to balance technical detail with board readability. Built on Zeltser's MCP Expertise Toolkit, so you can fork the approach to codify your own domain knowledge.
claude mcp add --transport http com.zeltser-website-search https://website-mcp.zeltser.com/mcp