MCP-First Architecture

MCP Agent Playbooks

Declarative workflows that AI agents execute across ComplianceHarbor and third-party MCP servers. Replace iPaaS templates with native, real-time, risk-aware automation.

How MCP Playbooks Work

Your AI agent orchestrates tools across multiple MCP servers in a single workflow. ComplianceHarbor provides risk intelligence; third-party servers provide operational context.

Your AI Agent
Third-Party MCP
GitHub, Jira, ServiceNow, Okta...
+
ComplianceHarbor MCP
48 risk intelligence tools
Risk-Aware Automation
Gates, evidence, alerts

Playbook Library

Phase 2 playbooks covering deployment gates, CAB automation, identity risk, compliance evidence, and threat enrichment.

DeployGuard Coming Soon

GitHub Deployment Gate

AI agent gets PR details via GitHub MCP, assesses change risk, evaluates rollback triggers, and creates a status check — blocking risky deployments automatically.

Tools: assess_change_risk → evaluate_rollback_trigger → generate_evidence_receipt
ChangeIntel Coming Soon

ServiceNow CAB Risk

Batch-assess all pending change requests from ServiceNow, generate a risk-scored CAB agenda, and write scores back to change records automatically.

Tools: batch_assess_changes → generate_evidence_receipt → update records
ChangeIntel Coming Soon

Jira Sprint Risk

Assess risk for every change in the current Jira sprint, update custom fields with risk scores, and post a Slack summary for the team.

Tools: assess_change_risk → compare_change_windows → Slack notification
VendorRisk Coming Soon

Okta Identity Risk

Ingest suspicious identity events from Okta MCP, assess risk posture, check dark web exposure, and trigger conditional security alerts.

Tools: ingest_identity_signals → assess_risk_posture → check_dark_web_exposure
DeployGuard Coming Soon

CrowdStrike Endpoint Gate

Ingest endpoint detection data from CrowdStrike MCP, evaluate rollback triggers, and conditionally halt deployments when endpoint threats are detected.

Tools: ingest_endpoint_signals → evaluate_rollback_trigger → conditional halt
AuditReady Coming Soon

ServiceNow Evidence Sync

Generate SHA-256 evidence receipts for ServiceNow change records, attach to the change, check compliance calendar, and file compliance reports.

Tools: generate_evidence_receipt → check_compliance_calendar → attach to change
AuditReady Coming Soon

Slack Compliance Alert

Check the regulatory calendar for upcoming deadlines, filter by relevance, and post evidence status dashboards to designated Slack channels.

Tools: check_regulatory_calendar → filter deadlines → Slack post_message
ThreatSight Coming Soon

Splunk Threat Enrichment

Run Splunk searches via MCP, triangulate CVEs, check ransomware exposure, map MITRE ATT&CK TTPs, and update Splunk notable events with enriched context.

Tools: triangulate_cve → check_ransomware_exposure → get_threat_ttp_mapping
ThreatSight Coming Soon

Sentinel Threat Context

Get incident details from Microsoft Sentinel MCP, map attack surface, check patch race conditions, evaluate rollback triggers, and update the incident.

Tools: map_attack_surface → check_patch_race → evaluate_rollback_trigger

MCP Setup

Connect ComplianceHarbor to your AI agent in minutes. Works with any MCP-compatible client.

1

Get Your API Key

Sign in to the ComplianceHarbor portal and generate an API key from the Settings page.

2

Configure MCP Client

Add ComplianceHarbor as an MCP server in your AI agent’s configuration (Claude Desktop, GitHub Copilot, or any MCP client).

3

Run a Playbook

Give your agent a playbook prompt and let it orchestrate risk-aware workflows across your tools automatically.

Compatible MCP Servers

ComplianceHarbor playbooks work alongside these third-party MCP servers to deliver end-to-end risk-aware automation.

GitHub
CI/CD & Source Control
GitLab
CI/CD & Source Control
Atlassian (Jira)
Project & Change Mgmt
ServiceNow
ITSM & CMDB
Okta
Identity & Access
CrowdStrike
Endpoint Security
Splunk
SIEM & Observability
Microsoft Sentinel
SIEM & SOAR

Why MCP Instead of iPaaS?

The Model Context Protocol enables capabilities that traditional integration platforms cannot match.

Real-Time Execution

No 5-minute polling intervals. AI agents react to events as they happen.

Conditional Logic

Agents make decisions based on risk scores — halt, escalate, or approve dynamically.

Context Normalization

Field aliases automatically map GitHub, Jira, ServiceNow fields to ComplianceHarbor inputs.

Cross-Product Workflows

Combine ThreatSight + DeployGuard + AuditReady in a single agent workflow.

Get Notified When Playbooks Launch

Join the waitlist for early access to MCP Agent Playbooks. Be the first to automate risk-aware workflows with AI agents.

Migrating from Make.com or Zapier? See the Resources page for legacy ITSM integration templates.