What Is the Model Context Protocol (MCP)?
Model Context Protocol (MCP) is an open standard introduced by Anthropic in late 2024 that lets AI assistants connect to external tools and data sources through a uniform interface. Instead of every model integrating every tool one by one, an MCP server exposes its capabilities and any MCP-aware client — Claude Desktop, Cursor, VS Code, custom agents — can use them.
Why MCP Exists
Before MCP, integrating an LLM with an external API required either bespoke function-calling glue per model or a custom agent framework per tool. MCP standardizes the contract: tools expose a manifest, clients discover it, and calls flow through a defined protocol. It is to AI tooling roughly what USB and LSP were to their respective domains: a shared interface that lets components mix freely.
The Three Protocol Concepts
- Tools — functions the AI can invoke (run a query, read a file, send a message).
- Resources — data the AI can read (documents, database entries, configuration).
- Prompts — pre-defined templates the AI can use as starting points for a task.
Transports
- stdio — local subprocess, good for local tools.
- SSE (Server-Sent Events) — long-lived HTTP, common for hosted servers.
- HTTP / streamable HTTP — request-response and streaming variants.
Why MCP Matters for Security Tools
Security analysts increasingly drive investigations through AI assistants. An MCP server is the piece that lets the assistant call security tools mid-conversation: querying threat-intel data, resolving a domain, looking up an ASN, pivoting through historical infrastructure. A security tool without an MCP interface is one the AI agent cannot reach.
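The discover-then-call flow described above, sketched for a domain-resolution tool. This is an added example, not code from Whisper or from an MCP SDK: it handles only the tools/list and tools/call JSON-RPC methods (the initialize handshake and the transport are left out), and the tool name resolve_domain, its schema and the sample data are assumptions made for illustration.

```python
import json
import re

# Constructed sample data standing in for a real resolver, so the example runs offline.
SAMPLE_DNS = {"example.com": ["192.0.2.10"]}

# Hypothetical tool definition: the name and schema are assumptions for this example.
TOOLS = [{
    "name": "resolve_domain",
    "description": "Resolve a domain name to its A records.",
    "inputSchema": {"type": "object", "required": ["domain"],
                    "properties": {"domain": {"type": "string"}}},
}]

DOMAIN_RE = re.compile(r"(?=.{1,253}$)([a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}")

def call_tool(name, args):
    """Run one tool call; failures come back as isError results instead of exceptions."""
    def result(text, is_error=False):
        return {"content": [{"type": "text", "text": text}], "isError": is_error}
    if name != "resolve_domain":
        return result(f"unknown tool: {name}", True)
    # The arguments were chosen by a model, so they are validated as untrusted input.
    if not isinstance(args, dict) or set(args) != {"domain"}:
        return result("expected exactly one argument: domain", True)
    domain = args["domain"]
    if not isinstance(domain, str) or not DOMAIN_RE.fullmatch(domain.lower()):
        return result("invalid domain", True)
    return result(json.dumps(SAMPLE_DNS.get(domain.lower(), [])))

def handle(line):
    """Handle one JSON-RPC 2.0 request line and return the response line."""
    req = json.loads(line)
    method, params = req.get("method"), req.get("params")
    params = params if isinstance(params, dict) else {}
    if method == "tools/list":      # discovery: the client learns what it may call
        body = {"result": {"tools": TOOLS}}
    elif method == "tools/call":    # invocation: tool name plus an arguments object
        body = {"result": call_tool(params.get("name"), params.get("arguments"))}
    else:
        body = {"error": {"code": -32601, "message": "Method not found"}}
    return json.dumps({"jsonrpc": "2.0", "id": req.get("id"), **body})

if __name__ == "__main__":
    # Constructed client messages: discovery, a valid call, a malformed call.
    call = lambda i, d: {"jsonrpc": "2.0", "id": i, "method": "tools/call",
                         "params": {"name": "resolve_domain", "arguments": {"domain": d}}}
    for msg in ({"jsonrpc": "2.0", "id": 1, "method": "tools/list"},
                call(2, "example.com"), call(3, "not a domain")):
        print(handle(json.dumps(msg)))
```

The third message is rejected by the argument check before any lookup runs, which is the property worth logging and alerting on when an assistant drives a security tool.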
MCP and Whisper
Whisper ships an MCP server at mcp.whisper.security. AI agents — Claude Desktop, Cursor, Continue, Windsurf, custom MCP clients — query the knowledge graph directly. Read more on the AI Context page or in the MCP setup docs.