{"slug":"binalyze/air-mcp","name":"Binalyze AIR MCP Server","description":"Interact with Binalyze AIR's digital forensics and incident response capabilities using natural language.","category":"development","tags":[],"official":false,"stars":7,"transport":"http","install":[{"cmd":"npx -y @smithery/cli@latest","imports":[]}],"tools":[{"name":"Asset Management","description":"List assets in your organization."},{"name":"Asset Details","description":"Get detailed information about a specific asset by its ID."},{"name":"Asset Tasks","description":"Get all tasks associated with a specific asset by its ID."},{"name":"Acquisition Profiles","description":"List acquisition profiles."},{"name":"Acquisition Tasks","description":"Assign evidence acquisition tasks to endpoints."},{"name":"Image Acquisition Tasks","description":"Assign disk image acquisition tasks to endpoints."},{"name":"Baseline Acquisition","description":"Acquire baseline data from specific endpoints to establish a reference point."},{"name":"Compare Baseline","description":"Compare multiple baseline acquisition tasks for a specific endpoint to identify changes."},{"name":"Get Comparison Report","description":"Retrieve comparison result report for a specific endpoint and task."},{"name":"Create Acquisition Profiles","description":"Create new acquisition profiles with specific evidence/artifact/network settings."},{"name":"Acquisition Artifacts","description":"List available artifacts for evidence collection."},{"name":"Acquisition Evidences","description":"List available evidence items for forensic data collection."},{"name":"Reboot Tasks","description":"Assign reboot tasks to specific endpoints."},{"name":"Shutdown Tasks","description":"Assign shutdown tasks to specific endpoints."},{"name":"Isolation Tasks","description":"Isolate or unisolate specific endpoints."},{"name":"Log Retrieval Tasks","description":"Retrieve logs from specific endpoints."},{"name":"Version Update Tasks","description":"Assign version update tasks to specific endpoints."},{"name":"Organization Management","description":"List organizations."},{"name":"Case Management","description":"List cases in your organization."},{"name":"Policy Management","description":"See security policies across your organization."},{"name":"Task Management","description":"Track forensic collection tasks and their statuses."},{"name":"Triage Rules","description":"View YARA, Osquery and Sigma rules for threat detection."},{"name":"User Management","description":"List users in your organization."},{"name":"User Details","description":"Get detailed information about a specific user by their ID."},{"name":"Drone Analyzers","description":"View available drone analyzers with supported operating systems."},{"name":"Audit Log Export","description":"Initiate an export of audit logs."},{"name":"List Audit Logs","description":"View audit logs from the system."},{"name":"Uninstall Assets","description":"Uninstall specific assets based on filters without purging data."},{"name":"Purge and Uninstall Assets","description":"Purge data and uninstall specific assets based on filters."},{"name":"Add Tags to Assets","description":"Add tags to specific assets based on filters."},{"name":"Remove Tags from Assets","description":"Remove tags from specific assets based on filters."},{"name":"Auto Asset Tagging","description":"Create and update rules to automatically tag assets based on specific conditions."},{"name":"List Auto Asset Tags","description":"List all existing auto asset tag rules."},{"name":"Get Auto Asset Tag Details","description":"Get detailed information about a specific auto asset tag rule by its ID."},{"name":"Delete Auto Asset Tag","description":"Delete a specific auto asset tag rule by its ID."},{"name":"Start Auto Tagging","description":"Initiate the auto tagging process for assets that match specific filter criteria."},{"name":"E-Discovery Patterns","description":"List available e-discovery patterns for detecting different file types."},{"name":"Policy Management","description":"List, create, update, and delete policies in your organization."},{"name":"Policy Match Statistics","description":"See which policies apply to your assets based on various criteria."},{"name":"Task Assignment Management","description":"View and manage task assignments."},{"name":"Triage Rules Management","description":"List, create, update, and delete triage rules for threat detection."},{"name":"Triage Tags Management","description":"List and create triage tags for threat detection."},{"name":"Validate Triage Rule","description":"Validate a triage rule syntax without creating it."},{"name":"Assign Triage Task","description":"Assign a triage task to endpoints based on filter criteria."},{"name":"Add Note to Case","description":"Add a note to a specific case by its ID."},{"name":"Update Note in Case","description":"Update an existing note in a specific case."},{"name":"Delete Note from Case","description":"Delete a note from a case by its ID."},{"name":"Export Cases","description":"Export cases data from the system."},{"name":"Export Case Notes","description":"Export notes for a specific case by its ID."},{"name":"Export Case Endpoints","description":"Export endpoints for a specific case by its ID."},{"name":"Export Case Activities","description":"Export activities for a specific case by its ID."},{"name":"Create Case","description":"Create a new case in the system."},{"name":"Update Case","description":"Update an existing case by ID."},{"name":"Get Case by ID","description":"Get detailed information about a specific case by its ID."},{"name":"Close Case by ID","description":"Close a specific case by its ID."},{"name":"Open Case by ID","description":"Open a specific case by its ID."},{"name":"Archive Case by ID","description":"Archive a specific case by its ID."},{"name":"Check Case Name","description":"Check if a case name is already in use."},{"name":"Get Case Activities","description":"Get activity history for a specific case by its ID."},{"name":"Get Case Endpoints","description":"Get all endpoints associated with a specific case by its ID."},{"name":"Get Case Tasks by ID","description":"Get all tasks associated with a specific case by its ID."},{"name":"Get Case Users","description":"Get all users associated with a specific case by its ID."},{"name":"Remove Endpoints from Case","description":"Remove endpoints from a case based on specified filters."},{"name":"Remove Task Assignment from Case","description":"Remove a specific task assignment from a case."},{"name":"Import Task Assignments to Case","description":"Import task assignments to a specific case."}],"env_vars":["AIR_API_TOKEN"],"auth_type":"none","github":"https://github.com/binalyze/air-mcp","homepage":"","server_url":"","status":"active","source":"mcpservers.org","updated_at":"Mon May 25"}