Connects Claude directly to CrowdStrike Falcon's security platform through their REST APIs. You get 15+ modules covering detections, incidents, threat intel, real-time response, vulnerability management, and more. Perfect for automating security workflows where you need Claude to pull detection data, hunt for threats, analyze incidents, or execute response actions. Requires CrowdStrike API credentials with appropriate scopes per module. Currently in public preview, so expect some changes, but it's already functional for building AI-powered security operations and threat analysis workflows.
claude mcp add --transport stdio crowdstrike-falcon-mcp uvx falcon-mcp