• Feature
    • Resolution: Unresolved
    • Major
    • 4.10.0
    • Product / Portfolio Work
    • 100% To Do, 0% In Progress, 0% Done

      Epic Goal

      The primary goal of the StackRox MCP feature is to enable natural language interaction with the StackRox API using Large Language Models (LLMs). This will empower users to query StackRox for critical security information and even perform actions by simply asking questions in plain language, eliminating the need to navigate complex API calls.

      Why is this important?

      The barrier to entry in the MCP world is currently low, and by directly exposing StackRox APIs through this feature, we can position ourselves as offering cutting-edge technology to our customers. Furthermore, the rapidly evolving field of LLMs presents a significant opportunity. Prioritizing this feature allows our team to actively explore how these technologies can enhance Red Hat's security offerings and keep us at the forefront of innovation. Enabling natural language interaction can also pave the way for more sophisticated automation of security tasks and workflows in the future.

      Understanding our customers' maturity and preferences in this space is also crucial. We aim to gather insights into their adoption of local versus cloud-based LLMs. Specifically, we need to determine:

      • Will customers prioritize the data privacy offered by local LLMs, despite potential limitations in speed and context?
      • Are customers willing to utilize cloud-based LLMs, and if so, which providers are preferred? This will help us understand their comfort level with connecting security results to third-party tools.

      This initiative also holds the potential to address existing customer pain points, such as the difficulty in interpreting or locating specific data within reports. With the increasing prevalence of AI, we anticipate customers will:

      • Seek direct answers to concrete questions in an easily understandable, human-readable format.
      • Desire the ability to create more complex workflows that involve retrieving and integrating data from various tools.

      Phase 1: Rapid Development of a Basic MCP Server

      The initial step involves the swift creation of a foundational MCP server. This will be achieved by directly connecting the existing StackRox APIs in a manner that allows an LLM to effectively retrieve their content. This approach leverages prior efforts, such as the prototype developed by Robby during the hackathon. The primary objective is to produce a basic, yet functional, version of the MCP server within a short timeframe. This early deliverable will facilitate initial testing and integration efforts, establishing a fundamental building block for subsequent development and the collection of early user feedback.

      The following guide, created by Prod Sec, must be followed when designing the MCP server: https://docs.google.com/document/d/191SowuNYeubC8X0ziTfnfbuTCaEaRZ32HuWZhlpNzWY/edit?tab=t.0#heading=h.35y2gsvqwqzd

      Phase 2: Exploration of Key User Interactions and API Metadata Refinement

      In parallel, we will conduct a focused investigation into likely user interactions with ACS through the MCP server. This exploratory phase aims to identify practical use cases by envisioning the types of questions customers might ask. A key goal of this plan is to refine the APIs' metadata. By enriching the metadata, we aim to provide the LLM with as much contextual information as possible, thereby enabling it to generate more accurate and valuable responses for the customer.
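      An added example (not code from this issue, the hackathon prototype, or the StackRox project) that puts the Phase 1 and Phase 2 ideas together: a small, constructed OpenAPI fragment is turned into MCP-style tool definitions, each description is enriched with extra context for the LLM, and every tool call is checked against the spec before it becomes a request to Central. The sample paths, operation ids, enrichment wording and base URL are all assumptions; the real acs-openapi-v2.json attachment is far larger. The design points a reviewer following the Prod Sec guide would look for are built in: only GET operations are exposed unless the server is explicitly started with mutations allowed, unknown or mistyped arguments are rejected, path values are percent-encoded so they cannot escape their URL segment, and the API token stays on the server side rather than being visible to the model.

```python
import urllib.parse
from dataclasses import dataclass

# Constructed sample shaped like an OpenAPI v2 (Swagger) document. It is NOT the real
# acs-openapi-v2.json attachment; paths, operation ids and parameters are assumptions.
SAMPLE_SPEC = {"swagger": "2.0", "paths": {
    "/v1/alerts": {"get": {
        "operationId": "AlertService_ListAlerts", "summary": "List alerts.",
        "parameters": [
            {"name": "query", "in": "query", "type": "string", "required": False},
            {"name": "pagination.limit", "in": "query", "type": "integer", "required": False},
        ]}},
    "/v1/alerts/{id}/resolve": {"patch": {
        "operationId": "AlertService_ResolveAlert", "summary": "Mark an alert as resolved.",
        "parameters": [{"name": "id", "in": "path", "type": "string", "required": True}]}},
}}

# Phase 2 idea: context the raw spec lacks, keyed by operationId (constructed wording).
ENRICHMENT = {"AlertService_ListAlerts": (
    "Returns policy violations. 'query' uses StackRox search syntax, for example "
    "'Severity:CRITICAL_SEVERITY'. Typical question: which critical violations exist "
    "in the production cluster?")}

_PY_TYPES = {"string": str, "integer": int, "boolean": bool}


@dataclass
class Tool:
    name: str
    method: str
    path: str
    description: str
    parameters: dict  # parameter name -> OpenAPI parameter object
    read_only: bool


def build_tools(spec, enrichment, allow_mutations=False):
    """Turn each operation into a Tool. Only GET operations are exposed unless
    allow_mutations is set, so the default server cannot change Central's state."""
    tools = {}
    for path, ops in spec["paths"].items():
        for method, op in ops.items():
            read_only = method.lower() == "get"
            if not read_only and not allow_mutations:
                continue
            parts = [op.get("summary", ""), enrichment.get(op["operationId"], "")]
            if not read_only:
                parts.append("This operation modifies StackRox state.")
            tools[op["operationId"]] = Tool(
                name=op["operationId"], method=method.upper(), path=path,
                description=" ".join(p for p in parts if p),
                parameters={p["name"]: p for p in op.get("parameters", [])},
                read_only=read_only)
    return tools


def to_mcp_schema(tool):
    """Render a Tool in the shape MCP clients list tools in: name, description, inputSchema."""
    props = {n: {"type": p["type"], "description": f"{p['in']} parameter"}
             for n, p in tool.parameters.items()}
    required = [n for n, p in tool.parameters.items() if p.get("required")]
    return {"name": tool.name, "description": tool.description,
            "inputSchema": {"type": "object", "properties": props,
                            "required": required, "additionalProperties": False}}


def validate_call(tool, args):
    """Reject unknown, missing or mistyped arguments before anything reaches the API."""
    unknown = set(args) - set(tool.parameters)
    if unknown:
        raise ValueError(f"unknown argument(s): {sorted(unknown)}")
    for name, spec in tool.parameters.items():
        if name not in args:
            if spec.get("required"):
                raise ValueError(f"missing required argument: {name}")
            continue
        value, want = args[name], _PY_TYPES[spec["type"]]
        # bool is a subclass of int in Python, so a bare isinstance check is not enough.
        if (isinstance(value, bool) and want is not bool) or not isinstance(value, want):
            raise ValueError(f"argument {name!r} must be of type {spec['type']}")
    return args


def build_request(tool, args, base_url):
    """Return (method, url) for a validated call. Path values are percent-encoded with
    no safe characters so a value cannot escape its segment; the API token is attached
    by the server when it sends the request and is never shown to the model."""
    args = validate_call(tool, args)
    path, query = tool.path, {}
    for name, spec in tool.parameters.items():
        if name not in args:
            continue
        if spec["in"] == "path":
            path = path.replace("{" + name + "}", urllib.parse.quote(str(args[name]), safe=""))
        else:
            query[name] = args[name]
    url = base_url.rstrip("/") + path
    if query:
        url += "?" + urllib.parse.urlencode(query)
    return tool.method, url
```

      Calling `build_tools(SAMPLE_SPEC, ENRICHMENT)` yields only the read-only alert listing; `allow_mutations=True` adds the resolve operation with its description flagged as state-changing, so the choice to expose write actions is an explicit server configuration rather than something the model can discover on its own. `build_request` is the only path to an outgoing URL, which keeps argument validation and encoding in one place for review.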

      Phase 3: Marketing our MCP Server

      To generate awareness and encourage adoption, we will actively market our MCP server through engaging content. This will include the creation of a blog post detailing the capabilities and benefits of the feature, along with a complementary YouTube video showcasing practical use cases and demonstrating its ease of use. This proactive outreach will aim to reach potential early adopters, gather valuable feedback, and establish StackRox as an innovator in the realm of AI-powered security interaction.


      Dependencies (internal and external)

      1. Will RH create a standard recommendation or approach for building MCP servers?

      2. Will RH deliver an LLM (vLLM?) that runs on CPU so customers can try the MCP server?

      Attachments:
        1. main.py (2 kB, Mladen Todorovic)
        2. goose-config.yaml (0.5 kB, Mladen Todorovic)
        3. acs-openapi-v2.json (6.74 MB, Mladen Todorovic)

              Robby Cochran (rcochran@redhat.com)
              Maria Simon Marcos (rh-ee-masimonm)
              ACS Sensor & Ecosystem
              Votes: 0
              Watchers: 6