Recently, I wrote about how the future of security operations is Federated – what we’re calling Federated Security. Query Founder Dhiraj Sharan expanded on the evolution of the Query CoPilot, and our Distinguished Engineer, Jonathan Rau, wrote about the future of Detection Engineering with Federated Search. Today, I’m going to show you how the future is coming into focus with a new trending acronym: MCP.
MCP is a new concept rapidly gaining traction in AI infrastructure: the Model Context Protocol. Open-sourced by Anthropic in November 2024, the standard is new, but the idea is simple and powerful:
“Today, we’re open-sourcing the Model Context Protocol (MCP), a new standard for connecting AI assistants to the systems where data lives, including content repositories, business tools, and development environments. Its aim is to help frontier models produce better, more relevant responses.”
Introducing the Model Context Protocol – Anthropic – 11/25/2024
If you are new to the world of MCP, this Pragmatic Engineer article is a good place to start. While this may sound like just another AI trend, I believe it represents a meaningful architectural shift, aligned with what we at Query have been pioneering for the last several years: turning your data into an advantage.
The Query Federated Search platform functions as a normalized API gateway to your relevant security data. You could call it a practical MCP server, purpose-built for security operations. Many are calling MCP “the USB-C port for AI applications”, which makes sense: it drastically simplifies giving an LLM, or a developer’s IDE, access to, say, data stored in a database. At Query, we see the potential for something even bigger with MCP, where Query MCP servers will act as the “USB-C hub for security data”, allowing your LLMs, agents, and other tools to access your relevant security data using the MCP standard. This space is changing rapidly, and so are we.
Watch for more mission-specific, MCP-standard-based capabilities launching soon, tailored to security teams and how they can drive value from these emerging trends. Let’s dig in and explore this new world of MCP.
What Is MCP?
At its core, MCP is a standards-based protocol for delivering context from distributed data to LLMs. It defines how LLM-based applications can get smarter by integrating different data sources into each interaction.
Most LLMs today operate like calculators (although they aren’t always good at simple math): you give them a prompt, they give you an answer. But in real workflows, especially in security, you need more than that. You need the model to:
- Understand the user’s intent and role,
- Pull in live, relevant data from trusted sources,
- Normalize that data into a usable format,
- And turn that data into actionable context that improves the task and the outcome.
This is where the MCP server comes in.
An MCP server acts as the pipeline layer between the model and everything else:

The result? Answers that are grounded in your data, your tools, and your workflows, not just homogenized summaries.
Query as an MCP Server
Query is adding MCP-compliant capabilities to our architecture. The MCP framework shows promise, but security teams need to use a diverse set of data. An MCP server in front of one data source can be valuable, but an MCP server in front of a normalized data gateway – now we are talking. While not built on the MCP standard today, this user experience is exactly what Query is all about.
Our platform already acts like an MCP server for access to security data:
- Search Orchestration: Query takes in a user’s search, translates it, and routes it to the right data sources using their system-specific APIs. The user doesn’t need to know each tool’s search language or data structure.
- Schema Normalization: Everything is returned in OCSF format, giving a shared language across previously siloed tools.
- Context Injection: Results are enriched with context like asset data, identity relationships, or threat intelligence. These become part of the answer and inform next steps.
- Copilot Interface: Query Copilot lets users ask natural questions of the data returned, summarize it, or generate follow-up tasks such as escalation summaries.

Simplified, the architecture breaks down into three categories:
- Client: LLM, browser, Splunk app, and/or APIs
- Server: Query platform – OCSF normalized access to all connected data sources
- Endpoints: Security tools, cloud systems, cloud buckets, asset inventories, identity platforms, business tools, and 40+ security-relevant data sources
All of this works without moving the data or building custom pipelines. That’s the power of a federated, MCP-style approach.
Query MCP Server Experience
A simple example I’ve seen a few times is building a weather-forecasting MCP server. In this example, the MCP server exposes two tools backed by the National Weather Service API, ‘get_alerts’ and ‘get_forecast’. Once integrated with an MCP client, a user could then ask questions such as “What’s the forecast for Atlanta, Georgia?” or “Are there active weather alerts in Austin, Texas?”.
Using the Query MCP servers (or Copilots), which will initially enable searching on Open Cybersecurity Schema Framework (OCSF) observables, a user could ask questions like “Has this IP address been seen in the last 24 hours?” or “Are there active alerts associated with user Barbara Salazar?”. The Query MCP server would then return an OCSF-normalized data set containing results from all connected data sources. Your LLMs and MCP clients can now reach all of your environment, while you limit access to any sensitive data or systems you don’t want to expose.
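As an added illustration of the pattern described above (the orchestrate, normalize, and enrich steps from the earlier list, plus the observable search just described), here is a small Python sketch of an MCP-style tool server. It is not Query’s code and does not use the official MCP SDK: the request handler answers the MCP JSON-RPC methods ‘tools/list’ and ‘tools/call’ in-process, fans a single observable query out to constructed sample sources (an EDR, an identity provider, and an HR system), normalizes each hit into a simplified subset of OCSF fields (class_uid, time, severity_id, observables, enrichments), injects asset context, and exposes only an allowlisted set of sources so the HR data never reaches the client. The tool name ‘search_observable’, the source names, the sample records, and the asset table are all constructed for the example.

```python
import json
from datetime import datetime, timezone

# Constructed "current time" so the 24-hour window is deterministic.
NOW = int(datetime(2025, 4, 1, 12, 0, tzinfo=timezone.utc).timestamp())

# Constructed sample records, each in its source's native shape.
EDR_EVENTS = [
    {"ts": "2025-04-01T10:15:00Z", "src_ip": "203.0.113.7", "host": "wks-042",
     "sev": "high", "rule": "Suspicious outbound connection"},
    {"ts": "2025-03-28T08:00:00Z", "src_ip": "198.51.100.9", "host": "wks-011",
     "sev": "low", "rule": "Policy audit"},
]
IDP_LOGS = [
    {"event_time": 1743501600, "actor": "barbara.salazar",
     "client_ip": "203.0.113.7", "outcome": "FAILURE"},
]
HR_RECORDS = [{"user": "barbara.salazar", "salary": 123456}]   # sensitive, must stay hidden
ASSETS = {"wks-042": {"owner": "barbara.salazar", "criticality": "high"}}  # constructed CMDB

SEVERITY_ID = {"low": 2, "medium": 3, "high": 4}   # OCSF severity_id values
OBS_TYPE_ID = {"ip": 2, "user": 4}                 # OCSF observable type_id: IP Address, User Name
EXPOSED_SOURCES = {"edr", "idp"}                   # "hr" is connected but never exposed to clients


def _epoch(iso):
    return int(datetime.strptime(iso, "%Y-%m-%dT%H:%M:%SZ")
               .replace(tzinfo=timezone.utc).timestamp())


def _record(class_uid, t, sev, source, msg, kind, value):
    """Build a simplified OCSF-shaped event (a subset of the real schema)."""
    return {"class_uid": class_uid, "time": t, "severity_id": sev, "message": msg,
            "metadata": {"product": {"name": source}},
            "observables": [{"type_id": OBS_TYPE_ID[kind], "value": value}],
            "enrichments": []}


def search_edr(kind, value, since):
    """Source adapter: EDR only knows IPs; hits get asset context injected."""
    out = []
    for e in EDR_EVENTS:
        t = _epoch(e["ts"])
        if kind == "ip" and t >= since and e["src_ip"] == value:
            r = _record(2004, t, SEVERITY_ID[e["sev"]], "edr", e["rule"], kind, value)
            asset = ASSETS.get(e["host"])
            if asset:
                r["enrichments"].append({"name": "asset", "provider": "cmdb",
                                         "value": e["host"], "data": asset})
            out.append(r)
    return out


def search_idp(kind, value, since):
    """Source adapter: identity provider matches on actor or client IP."""
    out, field = [], ("actor" if kind == "user" else "client_ip")
    for e in IDP_LOGS:
        if e["event_time"] >= since and e[field] == value:
            sev = SEVERITY_ID["medium" if e["outcome"] == "FAILURE" else "low"]
            out.append(_record(3002, e["event_time"], sev, "idp",
                               f"login {e['outcome']} by {e['actor']}", kind, value))
    return out


def search_hr(kind, value, since):
    """Connected, but filtered out by EXPOSED_SOURCES before it is ever called."""
    return [{"raw": r} for r in HR_RECORDS if kind == "user" and r["user"] == value]


ADAPTERS = {"edr": search_edr, "idp": search_idp, "hr": search_hr}


def federated_search(kind, value, hours=24, now=NOW):
    """Fan the query out to every exposed source and merge the normalized hits."""
    since = now - hours * 3600
    hits = []
    for name, adapter in ADAPTERS.items():
        if name in EXPOSED_SOURCES:
            hits.extend(adapter(kind, value, since))
    return sorted(hits, key=lambda r: r["time"], reverse=True)


TOOLS = [{
    "name": "search_observable",
    "description": "Search exposed sources for an OCSF observable; returns OCSF-shaped hits.",
    "inputSchema": {"type": "object",
                    "properties": {"type": {"type": "string", "enum": list(OBS_TYPE_ID)},
                                   "value": {"type": "string"},
                                   "hours": {"type": "integer"}},
                    "required": ["type", "value"]},
}]


def handle_request(req):
    """Dispatch one JSON-RPC 2.0 request using the MCP tool method names."""
    rid, method, params = req.get("id"), req.get("method"), req.get("params", {})
    if method == "tools/list":
        return {"jsonrpc": "2.0", "id": rid, "result": {"tools": TOOLS}}
    if method == "tools/call":
        args = params.get("arguments", {})
        if params.get("name") != "search_observable" or args.get("type") not in OBS_TYPE_ID:
            return {"jsonrpc": "2.0", "id": rid, "result": {"isError": True, "content": [
                {"type": "text", "text": "unknown tool or observable type"}]}}
        hits = federated_search(args["type"], args["value"], args.get("hours", 24))
        return {"jsonrpc": "2.0", "id": rid, "result": {"isError": False, "content": [
            {"type": "text", "text": json.dumps(hits)}]}}
    return {"jsonrpc": "2.0", "id": rid,
            "error": {"code": -32601, "message": f"method not found: {method}"}}


if __name__ == "__main__":
    req = {"jsonrpc": "2.0", "id": 1, "method": "tools/call",
           "params": {"name": "search_observable", "arguments": {"type": "ip", "value": "203.0.113.7"}}}
    print(json.dumps(handle_request(req), indent=2))
```

A real MCP server would receive these messages over stdio or HTTP rather than as an in-process dict, and would also answer ‘initialize’; the point here is that the client only ever sees the tool contract and OCSF-shaped results, never the native query languages or the sources you chose not to expose.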

The AI Landscape Evolves Quickly
MCP isn’t theoretical. It’s not a pitch-deck idea. It’s a shift in how modern systems are built. Organizations are moving away from one-size-fits-all platforms and toward flexible, composable architectures. Every day, LLMs become more deeply integrated into our workflows.
Query is built for this world. A world where:
- Your data stays where it lives, in the platforms, tools, lakes, SIEMs, or behind APIs.
- Your tools don’t require custom pipelines to be useful.
- Your AI assistant is grounded in real-time, normalized data sets, not hallucinations.
We didn’t set out to simply “build an MCP.” We set out to make it easier for security teams to get value out of the data they already have. But this architecture – Federated Search paired with intelligent context orchestration – turns out to be exactly what MCP is all about. We are actively working on new MCP server and MCP client capabilities for the Query platform. Reach out if you would like early access.
The Future Is Federated
Federated Search proved that we can bring search to the data. Federated Security shows that we can build on that and operationalize it across detections, analytics, and automation. Now, with MCP principles becoming real in how AI systems are built, the architecture we’ve invested in from day one is becoming the blueprint others are starting to follow. Query Federated Search is enabling LLMs to access security data, improving security operations.
We’re excited to see the market catching on. Because this isn’t just a shift in technology; it’s a shift in how teams get answers, how they scale, and how they deliver impact.
The best part? You don’t have to wait.
Query is already delivering on this architecture. If you are using or experimenting with LLMs, agents, and AI in your security architecture and want to see how MCPs and Query can enable you to rapidly extend your data reach, contact us here or drop me a DM on LinkedIn.
The future is Federated.
-matt