ThreatNews: Centralized Threat Intel & Proactive Defense

ThreatNews MCP server centralizes real-time global threat intelligence, empowering cybersecurity teams to proactively secure networks and fortify defenses against evolving attacks.

Visit Repository

✨ Research And Data

4.7(156 reviews)

234 saves

109 comments

Ranked in the top 2% of all AI tools in its category

About ThreatNews

What is ThreatNews: Centralized Threat Intel & Proactive Defense?

ThreatNews is an advanced platform designed to centralize threat intelligence collection and enable proactive cyber defense. It combines automated data aggregation with actionable insights, empowering security teams to detect, analyze, and mitigate threats faster. The system leverages MCP servers to streamline workflows, while optional integration with Neo4j builds interactive knowledge graphs for deeper threat analysis.

How to Use ThreatNews: Centralized Threat Intel & Proactive Defense?

Deployment starts by configuring MCP servers with specific parameters. Define threat collection timelines using start and end dates (e.g., March 1-10, 2024), then execute the collect.py script via commands like uv. For enhanced capabilities, setup the Neo4j module to map threat relationships. The intuitive interface in Smithery provides real-time visualization of critical threat patterns.

ThreatNews Features

Key Features of ThreatNews: Centralized Threat Intel & Proactive Defense

Unified Threat Aggregation: Collects data from diverse sources into a single hub.
Time-Bound Analysis: Pinpoint threats within specific date ranges for targeted investigation.
Smart Automation: Scripts like collect.py reduce manual effort through scheduled executions.
Knowledge Graph Integration: Neo4j's graph database maps complex attack chains for strategic defense.
User-Driven Flexibility: Customizable configurations and API integration accommodate enterprise needs.

Use Cases of ThreatNews: Centralized Threat Intel & Proactive Defense

Security teams leverage ThreatNews for:

Rapid detection of emerging vulnerabilities during active campaigns
Forensic analysis of historical breach patterns
Automated alert generation for policy violations
Training incident responders with realistic threat scenarios

Explore the Smithery interface to visualize threat networks in action.

ThreatNews FAQ

FAQ from ThreatNews: Centralized Threat Intel & Proactive Defense

How do I secure sensitive configurations?

Use environment variables like API_KEY and encrypted Neo4j credentials to isolate sensitive data from code repositories.

Can I customize time ranges dynamically?

Absolutely—adjust start/end parameters in JSON configs for on-the-fly analysis periods.

What databases work besides Neo4j?

Future updates will support SQL and NoSQL integrations, but Neo4j remains the recommended graph database for relationship mapping.

Is there API documentation?

Comprehensive docs are available in the /docs directory, including endpoints for threat data export/import.

Content

MCP server for threat info colletion

Usage : TOOL: collect_threat_info arguments": { "start_year": "2024", "start_month": "3", "start_day": "1", "end_year": "2024", "end_month": "3", "end_day": "10" }

Cursor settins->Add mcp server[stdio]: mcp.json:

{ "mcpServers": { "Threat_news": { "command": "uv", "args": ["--directory", "/Users/sheldon/Desktop/mcp_test/threatmcp","run", "collect.py"], "env": { "API_KEY": "value" } }, // if u want to create a neo4j knowledge graph. Thanks to alanse!!! "neo4j": { "command": "npx", "args": ["@alanse/mcp-neo4j-server"], "env": { "NEO4J_URI": "bolt://localhost:7687", "NEO4J_USERNAME": "neo4j", "NEO4J_PASSWORD": "123456" } }

Or view it in Smithery：