BitSight Community MCP Server
Enables access to BitSight security rating data through company search and rating retrieval functionality. Automatically manages BitSight subscriptions for one-time rating requests and provides structured security assessments for companies.
README
<div align="center"> <img src="birre-logo.png" alt="Birre Logo" width="375"> </div>
A Model Context Protocol (MCP) server that provides access to BitSight security rating data. It utilizes FastMCP and the brandon-smith-187/bitsight Python library. It can be run easily without installation in a temporary, isolated Python environment with uv.
Installation
Configuration
Set these environment variables:
BST_API_KEY(required): Your BitSight API keyDEBUG(optional): Enable debug logging (true,false, default:false)
export BST_API_KEY="your-bitsight-api-key"
Run directly from GitHub with uvx
uvx --from git+https://github.com/boecht/birre server.py
Or run locally
git clone https://github.com/boecht/birre
uv run server.py
That's it! The script will automatically install all dependencies using PEP 723 inline metadata.
Alternatively run with fastmcp for more options, like HTTP transport.
Disclaimer
This project is not affiliated with, endorsed by, or sponsored by BitSight Technologies, Inc. This is an unofficial, community-developed MCP server that provides integration with Bitsight's publicly available services.
- This project is developed and maintained independently by the open source community
- "Bitsight" is a registered trademark of BitSight Technologies, Inc.
- This integration is provided "as-is" without any warranty or official support from BitSight Technologies, Inc.
This project enables third-party access to Bitsight services through their public APIs and is intended for educational and integration purposes only.
Features
Version 1.0 (MVP)
- Company Search: Search for companies by name or domain
- Company Rating: Get security ratings with automatic subscription management
- Ephemeral Subscriptions: Automatically subscribe and unsubscribe for one-time rating requests
- Structured Error Handling: Clear error responses for API issues and quota limits
- uv/uvx Compatible: Run easily with uv using PEP 723 inline script metadata
Available Tools
company_search
Search for companies in the BitSight database.
Parameters:
name(optional): Company name to search fordomain(optional): Company domain to search for
Returns:
companies: List of matching companies withGUID,name,domain, andindustrycount: Total number of matchessearch_term: The term used for searching
Example:
{
"companies": [
{
"guid": "e90b389b-0b7e-4722-9411-97d81c8e2bc6",
"name": "GitHub, Inc.",
"domain": "github.com",
"industry": "Technology"
},
...
],
"count": 4,
"search_term": "GitHub"
}
get_company_rating
Get security rating for a company by GUID. Automatically manages BitSight subscriptions.
Parameters:
guid(required): BitSight GUID of the company
Returns:
rating: Current security rating (0-900 scale)rating_date: Date of the ratinggrade: Letter grade (A, B, C, D, F)company_name: Name of the companyauto_subscribed: Boolean indicating if auto-subscription was performedauto_unsubscribed: Boolean indicating if auto-unsubscription was performed
Example:
{
"rating": 740,
"rating_date": "2025-08-26",
"grade": "A",
"company_name": "GitHub, Inc.",
"auto_subscribed": true,
"auto_unsubscribed": true
}
Development
Project Structure
birre/
├── server.py # PEP 723 entry point script
├── src/
│ └── birre/
│ ├── __init__.py
│ ├── server.py # Main FastMCP server
│ ├── config.py # Configuration management
│ └── tools/
│ ├── __init__.py
│ ├── company_search.py
│ └── company_rating.py
├── tests/
│ ├── unit/ # Unit tests with mocked dependencies
│ └── integration/ # Integration tests with real API calls
└── requirements.txt # Development dependencies
Future Versions
Version 2.0: Category Risk Ratings
- Retrieve risk ratings by category/vector
- Filter by specific risk categories
Version 3.0: Company Reports
- Download official BitSight PDF reports
- Handle report generation limits
Version 4.0: Database Caching
- Daily caching of company rating data
- Reduce duplicate API calls
Version 5.0: Multi-Tenant Service
- Remote deployment support
- Authentication and authorization
- Concurrent user support
License
This project is licensed under the MIT License.
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.