Executive Summary: DefectDojo Pro now includes a built-in Model Context Protocol (MCP) server. This standard allows you to connect AI models (like Claude) directly to your vulnerability data securely, enabling you to triage findings, generate reports, and ask complex security questions using natural language without manual API integration.
The Model Context Protocol (MCP) is an open standard that enables AI models to safely connect with external data sources and tools. Think of it as a universal "USB-C port" for Artificial Intelligence.
Before MCP, using an LLM with your own data meant manually copying and pasting context (which is insecure and tedious) or building complex, custom API integrations. MCP solves this by standardizing how tools like DefectDojo Pro expose their data to AI clients like the Claude Desktop app or IDEs like Cursor.
DefectDojo Pro has released a purpose-built MCP server integrated directly into the service. This moves AI from being a generic chatbot to a specialized security analyst that understands your specific infrastructure.
Connecting an LLM to DefectDojo Pro via MCP unlocks three layers of value:
Once you connect a compatible AI client to DefectDojo Pro, you can execute complex security tasks using simple natural language. Here are the most powerful ways to use it:
Instead of clicking through multiple filter menus, you can simply ask:
"Show me all critical vulnerabilities in the 'Payment Gateway' product found in the last 7 days that are still active."
The MCP server queries the DefectDojo API, filters the results, and presents them instantly.
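As an added illustration (not DefectDojo Pro's own MCP server code), the block below shows how such a query is served over MCP: the client sends a `tools/call` JSON-RPC request, the server validates the model-supplied arguments and returns only the matching findings. The tool name `list_findings`, the fixed clock and the in-memory findings are constructed assumptions; a real server would call the DefectDojo REST API instead of a list.

```python
from datetime import date, timedelta
import json

# Constructed illustration, not DefectDojo Pro's server: the tool name and the
# sample findings (shaped like DefectDojo finding fields) are assumptions.
SEVERITIES = ("Critical", "High", "Medium", "Low", "Info")
TODAY = date(2025, 3, 10)  # fixed clock so results are deterministic
FINDINGS = [
    {"id": 401, "product": "Payment Gateway", "severity": "Critical",
     "active": True, "date": "2025-03-07", "title": "SQLi in /pay"},
    {"id": 402, "product": "Payment Gateway", "severity": "High",
     "active": True, "date": "2025-03-08", "title": "Missing CSP header"},
    {"id": 403, "product": "Payment Gateway", "severity": "Critical",
     "active": False, "date": "2025-03-05", "title": "Fixed RCE"},
    {"id": 404, "product": "Mobile App", "severity": "Critical",
     "active": True, "date": "2025-03-09", "title": "Hardcoded key"},
    {"id": 405, "product": "Payment Gateway", "severity": "Critical",
     "active": True, "date": "2025-01-20", "title": "Stale XSS"},
]
TOOLS = [{"name": "list_findings",
          "description": "Read-only search by product, severity, active, days.",
          "inputSchema": {"type": "object", "properties": {
              "product": {"type": "string"}, "severity": {"type": "string"},
              "active": {"type": "boolean"}, "days": {"type": "integer"}}}}]

def list_findings(product, severity="Critical", active=True, days=7):
    """Server-side filter. Arguments come from the model, so validate them:
    unknown severities and oversized windows are rejected, not widened."""
    if severity not in SEVERITIES or not 1 <= days <= 365:
        raise ValueError("invalid severity or day window")
    since = TODAY - timedelta(days=days)
    return [f for f in FINDINGS if f["product"] == product
            and f["severity"] == severity and f["active"] == active
            and date.fromisoformat(f["date"]) >= since]

def handle(request):
    """Dispatch one MCP JSON-RPC request: tools/list or tools/call."""
    rid, params = request.get("id"), request.get("params", {})
    if request["method"] == "tools/list":
        return {"jsonrpc": "2.0", "id": rid, "result": {"tools": TOOLS}}
    if request["method"] == "tools/call" and params.get("name") == "list_findings":
        try:
            text, err = json.dumps(list_findings(**params.get("arguments", {}))), False
        except (TypeError, ValueError) as exc:  # bad or unexpected arguments
            text, err = str(exc), True
        return {"jsonrpc": "2.0", "id": rid, "result": {"isError": err,
                "content": [{"type": "text", "text": text}]}}
    return {"jsonrpc": "2.0", "id": rid,
            "error": {"code": -32601, "message": "method not found"}}
```

The filter deliberately accepts only a closed severity vocabulary and a bounded day window, so a model cannot widen the query beyond what the tool advertises.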
Humans are good at spotting single bugs; AI is excellent at spotting trends across thousands of findings. Use MCP to ask:
"Analyze the last 3 months of findings for the 'Mobile App' engagement. Are there recurring vulnerability patterns? Which CWEs appear most frequently?"
Because the MCP connection gives the AI access to the specific finding details (including request/response pairs if available), it can provide highly specific fix recommendations:
"Look at finding #402. Based on the request headers shown in the finding, how should I configure my Content Security Policy to prevent this?"
Generate summaries for stakeholders without opening a spreadsheet:
"Summarize the security posture of the 'Q1 Release' engagement. Highlight the top 3 risks and draft a paragraph for the CTO explaining the business impact."
Since the MCP server is built into DefectDojo Pro, setup is streamlined for users of tools like Claude Desktop:
claude_desktop_config.json file).

The integration of the Model Context Protocol into DefectDojo Pro represents a shift from managing vulnerabilities to interacting with them. By reducing the friction between your security data and your AI tools, you empower your team to react faster, miss fewer patterns, and spend less time on administration and more time on remediation.