Model Context Protocol is becoming the standard way for AI assistants to connect to the systems they need to be useful. Today, we are extending TENET into that ecosystem with the TENET MCP server.
The TENET MCP server lets AI assistants query your Azure risk data directly. Instead of switching between tools to gather context, your AI assistant can pull live risk signals, identity exposure, compliance posture, and attack path data from TENET and use that information to help you understand, prioritize, and remediate issues — all within the workflow you are already in.
Why MCP matters for cloud security
AI assistants are becoming a core part of how engineers and security teams work. But without access to real environment data, they are limited to general knowledge. They cannot tell you what is actually exposed in your Azure tenant, which identities carry the most risk, or which finding should be fixed first.
MCP changes that by giving AI models a structured way to call tools, read data sources, and retrieve live context from external systems. When a security platform exposes an MCP server, the AI assistant can query it mid-conversation and guide users through decisions grounded in real data rather than assumptions.
For TENET, this means your AI assistant now has access to the same risk intelligence your security team relies on.
What the TENET MCP server enables
Three capabilities define what the server makes possible.
Unified Azure risk context. The MCP server gives AI models a single access point to TENET's full risk picture — asset exposure, identity relationships, misconfiguration signals, anomaly indicators, compliance evidence, and attack path data. The AI assistant retrieves that context directly rather than asking teams to describe their environment manually.
Live posture answers. Security questions that previously required manual investigation — which resources are internet-exposed, which identities have standing privilege to sensitive data, which misconfigurations are compounding an existing risk — can now be answered in seconds through a natural language prompt backed by live TENET data.
Remediation guidance in context. Because the AI assistant knows what TENET is seeing, it can move beyond identifying issues and help teams understand what to do: explain the risk, map the blast radius, identify the responsible team, and suggest the specific change that closes the exposure.
What you can do with it
From your IDE. Engineering teams using AI coding assistants can bring security context directly into the development workflow. A developer can ask their assistant to check whether a workload being built or modified has any associated exposure in TENET. The assistant queries the MCP server, retrieves relevant findings, and surfaces the risk inline — before the code ships. No tab switching, no separate security review cycle.
During threat investigation. Security analysts can use the TENET MCP server to run real-time investigations. When an anomaly fires, the assistant can retrieve the identity context behind the affected workload, map its permissions, check whether it has a path to sensitive resources, and help determine scope and containment steps — all in one conversation.
As a standing security assistant. Security leaders and architects can query the assistant the way they would ask a knowledgeable colleague: which resources are publicly exposed, where does identity risk overlap with a compliance gap, are there toxic combinations in the environment that should be escalated this week? The assistant retrieves the data from TENET and returns an answer that reflects what is actually true in the environment.
Getting started
The TENET MCP server is available now. Setup requires adding TENET as an MCP source in your AI assistant's configuration and authenticating with your TENET API credentials. Full documentation is available in the TENET platform. For a guided walkthrough, reach out through the demo request flow on this site.
MCP is infrastructure for the next phase of AI-assisted security work. The TENET MCP server is how Azure risk intelligence enters that layer — giving your team the ability to move faster from detection to decision to remediation.