MCP Server Overview
The Red Sift MCP (Model Context Protocol) Server enables AI assistants and agents to interact with Red Sift’s security products programmatically.
What is MCP?
Section titled “What is MCP?”The Model Context Protocol is an open standard for connecting AI models to external tools and data sources. The Red Sift MCP Server exposes our security APIs as MCP tools that AI agents can invoke.
Server endpoints
Section titled “Server endpoints”The MCP server is hosted by Red Sift at regional endpoints. Choose the endpoint matching where your account currently resides:
| Region | Endpoint |
|---|---|
| UK | mcp.redsift.cloud |
| EU | mcp.eu.redsift.cloud |
| US | mcp.us.redsift.cloud |
Capabilities
Section titled “Capabilities”The MCP Server provides 52 tools across these product areas:
- Account & IAM (6 tools) — manage accounts, product instances, users, roles, and organizations
- Brand Trust (20 tools) — monitor domains, detect and classify lookalike domains, manage logos and takedowns
- Certificates (14 tools) — monitor certificates, hosts, and endpoints, track discoveries, review security issues
- OnDMARC (10 tools) — manage domains, view compliance reports and email sources, configure Dynamic Services and tags
- Pulse (2 tools) — check service configuration and EventHub integrations
Getting started
Section titled “Getting started”- Connect your AI client (e.g. Claude Desktop, Cursor, VS Code) to the MCP server at your regional endpoint
- When prompted, sign in with your Red Sift account — the MCP server uses OAuth for authentication
- The server automatically discovers which products and instances your account has access to
Example prompt:
Find me the source classified as threat with the most DMARC fails in the last 15 days in my domain example.com?
See Tools for the full list of available MCP tools.
Machine-readable spec
Section titled “Machine-readable spec”The MCP server specification is available as a JSON file for tool/agent consumption: