Bright Security

Official
brightsec

Connects to Bright Security's DAST platform to run security scans and discover vulnerabilities in web applications.

Integrates with Bright Security DAST platform for application security scanning and vulnerability discovery.

141 views
Remote

What it does

  • Start DAST security scans on web applications
  • Monitor scan progress and status
  • Retrieve vulnerability findings and reports
  • Configure scan parameters and targets
  • Export security assessment results

Best for

  • DevSecOps teams integrating security into CI/CD pipelines
  • Security analysts conducting web application assessments
  • Development teams automating vulnerability discovery

  • Direct DAST platform integration
  • Streamable HTTP transport

About Bright Security

Bright Security is an official MCP server published by brightsec that provides AI assistants with tools and capabilities via the Model Context Protocol. Bright Security DAST integrates application security scanning and automated vulnerability discovery to protect web apps with continuous, actionable testing.

How to install

You can install Bright Security in your AI client of choice. Use the install panel on this page to get one-click setup for Cursor, Claude Desktop, VS Code, and other MCP-compatible clients. This server supports remote connections over HTTP, so no local installation is required.

License

Bright Security is released under the MIT license. This is a permissive open-source license, meaning you can freely use, modify, and distribute the software.

Related Skills

reverse-engineering-tools

Guide for reverse engineering tools and techniques used in game security research. Use this skill when working with debuggers, disassemblers, memory analysis tools, binary analysis, or decompilers for game security research.

85

payload

Use when working with Payload CMS projects (payload.config.ts, collections, fields, hooks, access control, Payload API). Use when debugging validation errors, security issues, relationship queries, transactions, or hook behavior.

74

skill-vetter

Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.

40

supabase-operations

Supabase operational knowledge for migrations, RLS optimization, MCP tool benchmarks, and ADR-003 compliance. Use when validating database migrations, optimizing Row-Level Security policies, checking MCP tool performance, or ensuring Supabase operational standards. Triggers on: migration validation, RLS patterns, Supabase benchmarks, ADR-003, database state tracking, schema governance.

37

differential-review

Performs security-focused differential review of code changes (PRs, commits, diffs). Adapts analysis depth to codebase size, uses git history for context, calculates blast radius, checks test coverage, and generates comprehensive markdown reports. Automatically detects and prevents security regressions.

31

nodejs-best-practices

Node.js development principles and decision-making. Framework selection, async patterns, security, and architecture. Teaches thinking, not copying.

31