Skip to content

Commit bf4aa1e

Browse files
docs: sync EN/KO README structure — add missing sections to both
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent) Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
1 parent 39140a7 commit bf4aa1e

2 files changed

Lines changed: 176 additions & 53 deletions

File tree

README.ko.md

Lines changed: 82 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@
1717

1818
---
1919

20-
**3,439개 보안 데이터**를 단일 MCP 인터페이스로 검색 — **NIST** (SP 800-53 1,196개 컨트롤 + 53A 평가 + 53B 기준선, CSF 2.0, PF 1.0, SP 800-37 RMF, 613개 출판물, CSF↔800-53 매핑, CMVP, NICE, 용어사전, 동의어)와 **OWASP** (Top 10, API/LLM/MCP Top 10, ASVS 5.0, WSTG, MASVS, Proactive Controls, 113+ Cheat Sheets, 418+ 프로젝트) — **실시간 NVD/CVE + CISA KEV**, PDF 읽기, 컴플라이언스 매핑, STRIDE 위협 모델링, MCP 보안 평가 포함.
20+
**4,700+개 보안 데이터**를 단일 MCP 인터페이스로 검색 — **NIST** (SP 800-53 1,196개 컨트롤 + 53A 평가 + 53B 기준선, CSF 2.0, PF 1.0, SP 800-37 RMF, 613개 출판물, CSF↔800-53 매핑, CMVP, NICE, 용어사전, 동의어)와 **OWASP** (Top 10, API/LLM/MCP Top 10, ASVS 5.0, WSTG, MASVS, Proactive Controls, 815+ CWE, 559 CAPEC 공격 패턴, 113+ Cheat Sheets, 418+ 프로젝트) — **실시간 NVD/CVE + CISA KEV + EPSS**, PDF 읽기, 컴플라이언스 매핑, STRIDE 위협 모델링, MCP 보안 평가 포함.
2121

2222
## 빠른 시작
2323

@@ -43,9 +43,18 @@ Claude CLI (Claude Code):
4343
claude mcp add security -- security-framework-mcp
4444
```
4545

46+
<details>
47+
<summary>기타 MCP 클라이언트 (Cursor, OpenCode)</summary>
48+
49+
```json
50+
{ "security": { "command": "security-framework-mcp" } }
51+
```
52+
53+
</details>
54+
4655
첫 실행 시 로컬 데이터베이스가 자동으로 생성됩니다 (~15-20초). 이후 주 1회 자동 갱신.
4756

48-
## 데이터 소스 (21개 로컬 + 2개 실시간)
57+
## 데이터 소스 (22개 로컬 + 3개 실시간)
4958

5059
### NIST (10개)
5160

@@ -62,7 +71,7 @@ claude mcp add security -- security-framework-mcp
6271
| **CMVP** | 15 | FIPS 140 인증 암호 모듈 |
6372
| **NICE** | 43 | 사이버보안 인력 프레임워크 직무 역할 |
6473

65-
### OWASP (11개)
74+
### OWASP (12개)
6675

6776
| 소스 | 레코드 | 설명 |
6877
|------|--------|------|
@@ -75,17 +84,19 @@ claude mcp add security -- security-framework-mcp
7584
| **MCP Top 10 2025** | 10 | MCP 서버 보안 위험 |
7685
| **Proactive Controls 2024** | 10 | 개발자 방어 통제 |
7786
| **MASVS** | 23 | 모바일 앱 보안 검증 표준 |
78-
| **CWE 데이터베이스** | 39 | 주요 CWE + OWASP 교차 참조 |
87+
| **CWE 데이터베이스** | 815+ | MITRE CWE 전체 + OWASP 교차 참조 |
7988
| **Cheat Sheets** | 113+ | 보안 구현 가이드 (온디맨드) |
89+
| **CAPEC 공격 패턴** | 559 | MITRE CAPEC 공격 패턴 + CWE 교차 참조 |
8090

8191
### 실시간 API
8292

8393
| 소스 | 설명 |
8494
|------|------|
8595
| NVD CVE API 2.0 | 실시간 CVE 검색 |
8696
| CISA KEV | 실제 악용된 취약점 카탈로그 |
97+
| FIRST EPSS | 익스플로잇 예측 스코어링 시스템 |
8798

88-
## 도구 (36개)
99+
## 도구 (41개)
89100

90101
### NIST 도구
91102

@@ -125,17 +136,22 @@ claude mcp add security -- security-framework-mcp
125136
| 도구 | 설명 |
126137
|------|------|
127138
| `get_cwe` | CWE 조회 + OWASP 자동 교차 참조 |
128-
| `search_kev` | CISA KEV (실제 악용된 취약점) 카탈로그 조회 |
139+
| `search_kev` | CISA KEV — 벤더/제품/날짜/랜섬웨어 필터 |
129140
| `search_cve` | 실시간 NVD CVE 검색 |
130141
| `get_cve_detail` | CVE 상세 정보 (CVSS, 약점, 참조) |
131142

132143
### 분석 & 평가
133144

134145
| 도구 | 설명 |
135146
|------|------|
136-
| `search_owasp` | 19개 소스 통합 검색 (OWASP + NIST) |
147+
| `lookup_compliance` | 역방향 조회: PCI-DSS/ISO 27001 요구사항 → NIST/ASVS |
148+
| `triage_cve` | CVE 분류: EPSS + CVSS + KEV 복합 스코어링 |
149+
| `map_finding` | CWE/CVE → 전체 개선 체인 |
150+
| `get_attack_pattern` | CAPEC 공격 패턴 + CWE 교차 참조 |
151+
| `search_owasp` | 22개 소스 통합 검색 (OWASP + NIST) |
137152
| `cross_reference` | CWE → Top 10 / ASVS / WSTG 교차 참조 |
138153
| `compliance_map` | ASVS → PCI-DSS 4.0 / ISO 27001:2022 / NIST 800-53 매핑 |
154+
| `nist_compliance_map` | SP 800-53 패밀리 → PCI-DSS 4.0 / ISO 27001:2022 매핑 |
139155
| `assess_stack` | 기술 스택 보안 진단 |
140156
| `generate_checklist` | 보안 체크리스트 생성 (프로젝트 타입 × 깊이) |
141157
| `assess_mcp_security` | MCP 서버 보안 평가 (MCP Top 10 기준) |
@@ -154,32 +170,54 @@ claude mcp add security -- security-framework-mcp
154170

155171
## 사용 예시
156172

173+
### 취약점 관리
157174
```
158-
> OWASP와 NIST 전체에서 "접근 제어"를 검색해줘
175+
> CVE-2021-44228, CVE-2023-44487 트리아지해줘 — EPSS, CVSS, KEV 상태 보여줘
176+
177+
> 2025년 이후 추가된 Microsoft CISA KEV 목록 보여줘
159178
160-
> NIST SP 800-53 AC-1 컨트롤을 보여줘
179+
> 랜섬웨어 캠페인에 사용된 KEV만 보여줘
161180
162-
> CSF 2.0의 Protect 기능 카테고리를 보여줘
181+
> CWE-502(역직렬화)를 노리는 공격 패턴은?
163182
164-
> SP 800-53 LOW 기준선에 포함된 컨트롤 목록
183+
> CWE-79를 Top 10 매핑, ASVS 요구사항, WSTG 테스트, 대응 가이드까지 한번에 보여줘
184+
```
165185

166-
> PF 1.0의 Control-P 기능을 보여줘
186+
### 컴플라이언스 & 감사
187+
```
188+
> PCI-DSS 8.3 요구사항에 매핑되는 NIST 컨트롤과 ASVS 항목 찾아줘
167189
168-
> SP 800-37 RMF의 ASSESS 단계를 설명해줘
190+
> ASVS V4를 PCI-DSS 4.0, ISO 27001, NIST 800-53에 매핑해줘
169191
170-
> CWE-79를 OWASP와 NIST 표준으로 교차 참조해줘
192+
> NIST SP 800-53 AC 패밀리를 PCI-DSS, ISO 27001에 매핑해줘
171193
172-
> ASVS V4를 PCI-DSS, ISO 27001, NIST 800-53에 매핑해줘
194+
> SP 800-53 LOW 기준선에서 IA(식별 및 인증) 패밀리 컨트롤 목록
173195
174-
> 내 스택(React, Node.js, PostgreSQL, REST API)의 보안을 진단해줘
196+
> SP 800-53 AC-1 컨트롤을 53A 평가 목표와 함께 보여줘
197+
```
175198

176-
> 웹 API 프로젝트용 보안 체크리스트를 생성해줘
199+
### 위협 모델링 & 아키텍처 리뷰
200+
```
201+
> STRIDE 위협 모델을 생성해줘: 결제 API, JWT 인증, PostgreSQL, Redis 캐시
177202
178-
> 내 MCP 서버 보안을 평가해줘: shell exec, 인증 없음, 커뮤니티 플러그인
203+
> 내 스택(React, Node.js, PostgreSQL, REST API, AWS Lambda)의 보안을 진단해줘
179204
180-
> NVD에서 critical log4j CVE를 검색해줘
205+
> SQL 인젝션 관련 CAPEC 공격 패턴을 찾아줘
181206
182-
> STRIDE 위협 모델을 생성해줘: 결제 API, JWT 인증, PostgreSQL
207+
> OWASP와 NIST 전체에서 "제로 트러스트"를 검색해줘
208+
```
209+
210+
### 개발 보안
211+
```
212+
> 웹 API 프로젝트용 포괄적 보안 체크리스트를 생성해줘
213+
214+
> OWASP Authentication Cheat Sheet 보여줘
215+
216+
> CWE-352(CSRF)를 Top 10, ASVS, WSTG 테스트 케이스와 교차 참조해줘
217+
218+
> ASVS V3(세션 관리) 레벨 2 요구사항 보여줘
219+
220+
> NVD에서 critical log4j CVE를 검색해줘
183221
```
184222

185223
## 설정
@@ -190,6 +228,30 @@ claude mcp add security -- security-framework-mcp
190228
| `SECURITY_MCP_UPDATE_INTERVAL` | `604800` (7일) | 자동 갱신 주기 (초) |
191229
| `NVD_API_KEY` | _(없음)_ | NVD API 키 (선택, 속도 향상) |
192230

231+
## 아키텍처
232+
233+
```
234+
┌─────────────────────────────────┐
235+
│ MCP Client │
236+
│ (Claude / Cursor / OpenCode) │
237+
└──────────────┬──────────────────┘
238+
│ stdio
239+
┌──────────────▼──────────────────┐
240+
│ security-framework-mcp │
241+
│ 41 tools · 4 prompts · 6 rsrc │
242+
├──────────────┬──────────────────┤
243+
│ SQLite FTS5 │ Live APIs │
244+
│ (~6.2MB) │ NVD+KEV+EPSS │
245+
├──────────────┴──────────────────┤
246+
│ NIST Collectors (10) │
247+
│ OWASP Collectors (12) │
248+
└──────────────┬──────────────────┘
249+
│ httpx (retry)
250+
┌──────────────▼──────────────────┐
251+
│ NIST OSCAL/CSRC · OWASP GitHub │
252+
└─────────────────────────────────┘
253+
```
254+
193255
## 개발
194256

195257
```bash

README.md

Lines changed: 94 additions & 33 deletions
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@
1717

1818
---
1919

20-
Search and query **3,439 security data points** through a single MCP interface — **NIST** (1,196 SP 800-53 controls with 53A assessments and 53B baselines, CSF 2.0, PF 1.0, SP 800-37 RMF, 613 publications, CMVP, NICE, glossary, CSF↔800-53 mappings) and **OWASP** (Top 10, API/LLM/MCP Top 10, ASVS 5.0, WSTG, MASVS, Proactive Controls, 113+ Cheat Sheets, 418+ projects) — with **live NVD/CVE + CISA KEV**, PDF reading, compliance mapping, STRIDE threat modeling, and MCP security assessment.
20+
Search and query **4,700+ security data points** through a single MCP interface — **NIST** (1,196 SP 800-53 controls with 53A assessments and 53B baselines, CSF 2.0, PF 1.0, SP 800-37 RMF, 613 publications, CMVP, NICE, glossary, CSF↔800-53 mappings) and **OWASP** (Top 10, API/LLM/MCP Top 10, ASVS 5.0, WSTG, MASVS, Proactive Controls, 815+ CWEs, 559 CAPEC attack patterns, 113+ Cheat Sheets, 418+ projects) — with **live NVD/CVE + CISA KEV + EPSS**, PDF reading, compliance mapping, STRIDE threat modeling, and MCP security assessment.
2121

2222
## Quick Start
2323

@@ -52,44 +52,48 @@ claude mcp add security -- security-framework-mcp
5252

5353
</details>
5454

55-
## Data Sources (21 local + 2 live)
55+
First run automatically builds the local database (~15-20 seconds). Auto-refreshes weekly.
56+
57+
## Data Sources (22 local + 3 live)
5658

5759
### NIST (10)
5860

59-
| Source | Records |
60-
|--------|---------|
61-
| SP 800-53 Rev. 5 Controls (+ 53A assessments + 53B baselines) | 1,196 |
62-
| CSF 2.0 | 225 |
63-
| PF 1.0 | 92 |
64-
| SP 800-37 RMF | 7 steps |
65-
| Publications (SP 800, FIPS, IR, CSWP) | 613 |
66-
| CSF ↔ 800-53 Mappings | 57 |
67-
| Glossary | 39 |
68-
| Synonyms | 53 |
69-
| CMVP (FIPS 140) | 15 |
70-
| NICE Work Roles | 43 |
71-
72-
### OWASP (11)
73-
74-
| Source | Records |
75-
|--------|---------|
76-
| Projects | 418 |
77-
| ASVS 5.0 | 345 |
78-
| WSTG | 111 |
79-
| Top 10 2021 / API Top 10 2023 / LLM Top 10 2025 / MCP Top 10 2025 | 10 each |
80-
| Proactive Controls 2024 | 10 |
81-
| MASVS | 23 |
82-
| CWE Database | 39 |
83-
| Cheat Sheets | 113+ |
61+
| Source | Records | Description |
62+
|--------|---------|-------------|
63+
| SP 800-53 Rev. 5 Controls | 1,196 | Security/privacy controls + **53A assessment objectives/methods** + **53B baselines (LOW/MODERATE/HIGH)** |
64+
| CSF 2.0 | 225 | Cybersecurity Framework (6 functions, 22 categories, 197 subcategories) |
65+
| PF 1.0 | 92 | Privacy Framework (5 functions) |
66+
| SP 800-37 RMF | 7 steps | Risk Management Framework (7-step process) |
67+
| Publications | 613 | Full NIST cybersecurity publications (SP 800, FIPS, IR, CSWP) |
68+
| CSF ↔ 800-53 Mappings | 57 | Framework cross-references |
69+
| Glossary | 39 | Core cybersecurity terms |
70+
| Synonyms | 53 | Security acronym expansions (MFA↔multi-factor authentication, etc.) |
71+
| CMVP | 15 | FIPS 140 validated crypto modules |
72+
| NICE Work Roles | 43 | Cybersecurity Workforce Framework roles |
73+
74+
### OWASP (12)
75+
76+
| Source | Records | Description |
77+
|--------|---------|-------------|
78+
| Projects | 418 | Flagship/Production/Lab/Incubator projects |
79+
| ASVS 5.0 | 345 | Application Security Verification Standard |
80+
| WSTG | 111 | Web Security Testing Guide |
81+
| Top 10 2021 / API Top 10 2023 / LLM Top 10 2025 / MCP Top 10 2025 | 10 each | Web/API/LLM/MCP security risks + CWE mappings |
82+
| Proactive Controls 2024 | 10 | Developer defense controls |
83+
| MASVS | 23 | Mobile Application Security Verification Standard |
84+
| CWE Database | 815+ | Full MITRE CWE + OWASP cross-references |
85+
| Cheat Sheets | 113+ | Security implementation guides (on-demand) |
86+
| CAPEC Attack Patterns | 559 | MITRE CAPEC attack patterns + CWE cross-references |
8487

8588
### Live APIs
8689

8790
| Source | Description |
8891
|--------|-------------|
8992
| NVD CVE API 2.0 | Real-time CVE search |
9093
| CISA KEV | Known Exploited Vulnerabilities catalog |
94+
| FIRST EPSS | Exploit Prediction Scoring System |
9195

92-
## Tools (36)
96+
## Tools (41)
9397

9498
### NIST
9599

@@ -131,15 +135,20 @@ claude mcp add security -- security-framework-mcp
131135
| `get_cwe` | CWE lookup + auto OWASP cross-references |
132136
| `search_cve` | Live NVD search |
133137
| `get_cve_detail` | Full CVE details |
134-
| `search_kev` | CISA Known Exploited Vulnerabilities |
138+
| `search_kev` | CISA KEV — vendor/product/date/ransomware filters |
135139

136140
### Analysis & Assessment
137141

138142
| Tool | Description |
139143
|------|-------------|
140-
| `search_owasp` | Search all 21 sources (NIST + OWASP unified) |
144+
| `lookup_compliance` | Reverse lookup: PCI-DSS/ISO 27001 requirement → NIST/ASVS |
145+
| `triage_cve` | CVE triage with EPSS + CVSS + KEV composite scoring |
146+
| `map_finding` | CWE/CVE → complete remediation chain |
147+
| `get_attack_pattern` | CAPEC attack patterns with CWE cross-references |
148+
| `search_owasp` | Search all 22 sources (NIST + OWASP unified) |
141149
| `cross_reference` | CWE → Top 10 / ASVS / WSTG |
142150
| `compliance_map` | ASVS → PCI-DSS 4.0 / ISO 27001:2022 / NIST 800-53 |
151+
| `nist_compliance_map` | SP 800-53 families → PCI-DSS 4.0 / ISO 27001:2022 |
143152
| `assess_stack` | Tech stack security assessment |
144153
| `generate_checklist` | Security checklist (web/api/mobile/llm/full × basic/standard/comprehensive) |
145154
| `assess_mcp_security` | MCP Top 10 assessment |
@@ -156,6 +165,58 @@ claude mcp add security -- security-framework-mcp
156165
| `compliance_check` | Compliance assessment |
157166
| `secure_code_review` | Code security review |
158167

168+
## Use Cases
169+
170+
### Vulnerability Management
171+
```
172+
> Triage CVE-2021-44228 and CVE-2023-44487 — show EPSS, CVSS, KEV status
173+
174+
> Show all CISA KEV entries for Microsoft added after 2025-01-01
175+
176+
> Show only KEV vulnerabilities with known ransomware campaign use
177+
178+
> What attack patterns target CWE-502 (deserialization)?
179+
180+
> Map CWE-79 to OWASP Top 10, ASVS requirements, WSTG tests, and remediation guidance
181+
```
182+
183+
### Compliance & Audit
184+
```
185+
> What NIST SP 800-53 controls and ASVS requirements map to PCI-DSS 8.3?
186+
187+
> Map ASVS V4 to PCI-DSS 4.0, ISO 27001, and NIST 800-53
188+
189+
> Map NIST SP 800-53 AC family to PCI-DSS and ISO 27001
190+
191+
> Show SP 800-53 LOW baseline controls for the IA (Identification and Authentication) family
192+
193+
> Show SP 800-53 AC-1 control with 53A assessment objectives
194+
```
195+
196+
### Threat Modeling & Architecture Review
197+
```
198+
> Generate a STRIDE threat model: payment API, JWT auth, PostgreSQL, Redis cache
199+
200+
> Assess my stack: React, Node.js, PostgreSQL, REST API, AWS Lambda
201+
202+
> Find CAPEC attack patterns related to SQL injection
203+
204+
> Search all NIST and OWASP sources for "zero trust"
205+
```
206+
207+
### Development Security
208+
```
209+
> Generate a comprehensive security checklist for a web API project
210+
211+
> Show OWASP Cheat Sheet for Authentication
212+
213+
> Cross-reference CWE-352 (CSRF) to Top 10, ASVS, and WSTG test cases
214+
215+
> Show ASVS V3 (Session Management) level 2 requirements
216+
217+
> Search NVD for critical log4j CVEs
218+
```
219+
159220
## Configuration
160221

161222
| Variable | Default | Description |
@@ -174,13 +235,13 @@ claude mcp add security -- security-framework-mcp
174235
│ stdio
175236
┌──────────────▼──────────────────┐
176237
│ security-framework-mcp │
177-
36 tools · 4 prompts · 6 rsrc │
238+
41 tools · 4 prompts · 6 rsrc │
178239
├──────────────┬──────────────────┤
179240
│ SQLite FTS5 │ Live APIs │
180-
│ (~6.2MB) │ NVD + CISA KEV
241+
│ (~6.2MB) │ NVD+KEV+EPSS
181242
├──────────────┴──────────────────┤
182243
│ NIST Collectors (10) │
183-
│ OWASP Collectors (11) │
244+
│ OWASP Collectors (12) │
184245
└──────────────┬──────────────────┘
185246
│ httpx (retry)
186247
┌──────────────▼──────────────────┐

0 commit comments

Comments
 (0)