MCP.directory
B

Bright Security

Official
brightsec

Connects to Bright Security's DAST platform to run security scans and discover vulnerabilities in web applications.

Integrates with Bright Security DAST platform for application security scanning and vulnerability discovery.

138 viewsRemote
Website

What it does

  • Start DAST security scans on web applications
  • Monitor scan progress and status
  • Retrieve vulnerability findings and reports
  • Configure scan parameters and targets
  • Export security assessment results

Best for

DevSecOps teams integrating security into CI/CD pipelinesSecurity analysts conducting web application assessmentsDevelopment teams automating vulnerability discovery
Direct DAST platform integrationStreamable HTTP transport

About Bright Security

Bright Security is an official MCP server published by brightsec that provides AI assistants with tools and capabilities via the Model Context Protocol. Bright Security DAST integrates application security scanning and automated vulnerability discovery to protect web apps

How to install

You can install Bright Security in your AI client of choice. Use the install panel on this page to get one-click setup for Cursor, Claude Desktop, VS Code, and other MCP-compatible clients. This server supports remote connections over HTTP, so no local installation is required.

License

Bright Security is released under the MIT license. This is a permissive open-source license, meaning you can freely use, modify, and distribute the software.

Related Skills

Browse all skills
payload

Use when working with Payload CMS projects (payload.config.ts, collections, fields, hooks, access control, Payload API). Use when debugging validation errors, security issues, relationship queries, transactions, or hook behavior.

63
reverse-engineering-tools

Guide for reverse engineering tools and techniques used in game security research. Use this skill when working with debuggers, disassemblers, memory analysis tools, binary analysis, or decompilers for game security research.

47
supabase-operations

Supabase operational knowledge for migrations, RLS optimization, MCP tool benchmarks, and ADR-003 compliance. Use when validating database migrations, optimizing Row-Level Security policies, checking MCP tool performance, or ensuring Supabase operational standards. Triggers on: migration validation, RLS patterns, Supabase benchmarks, ADR-003, database state tracking, schema governance.

30
senior-security

Comprehensive security engineering skill for application security, penetration testing, security architecture, and compliance auditing. Includes security assessment tools, threat modeling, crypto implementation, and security automation. Use when designing security architecture, conducting penetration tests, implementing cryptography, or performing security audits.

29
differential-review

Performs security-focused differential review of code changes (PRs, commits, diffs). Adapts analysis depth to codebase size, uses git history for context, calculates blast radius, checks test coverage, and generates comprehensive markdown reports. Automatically detects and prevents security regressions.

29
qa-tester

"Browser automation QA testing skill. Systematically tests web applications for functionality, security, and usability issues. Reports findings by severity (CRITICAL/HIGH/MEDIUM/LOW) with immediate alerts for critical failures."

25