Amar Jeer

Manage dope.security from your AI assistant

June 9, 2026
3
 MIN READ
Manage dope.security from your AI assistant

You shouldn't have to click through a console to run your secure web gateway. So now you don't have to.

We've shipped dopesecurity-mcp-server, a local MCP server that plugs the dope.security Flightdeck partner API into any MCP-aware AI assistant: Claude Desktop, ChatGPT, Cursor, Copilot CLI, and more. Connect it once, and you stop clicking through Flightdeck. You start talking to your tenant.

Ask a question in plain language. Get the answer, or the change, back. That's it.

Inspect your fleet

Stop hunting through filters and device lists. Just ask:

  • “Which endpoints are running an agent older than 1.0.18509?”
  • “Find the laptop assigned to alice@acme.com.”
  • “List every device in the London office whose status is error.”

Read policy state

Policy drift is hard to catch when you're eyeballing two configs side by side. Let the assistant do the diff:

  • “Summarize the differences between Engineering and Finance.”
  • “Who is currently assigned to Contractors?”
  • “Which categories are blocked in Default but allowed in Sales?”

Curate custom URL categories

Building and cleaning up allow-lists is exactly the kind of fiddly work an assistant should own:

  • “Create approved-ai-tools and add chat.openai.com, claude.ai, and *.anthropic.com.”
  • “Show me everything in approved-saas and flag duplicates.”

Tune policies, assignments, and bypasses

When you know what you want, say it. The change lands in your tenant:

  • “Block Social Media on Engineering but give alice@acme.com an exception.”
  • “Move the Finance group from Default to Finance-Strict.”
  • “Add internal-jira.acme.com as a URL bypass on Engineering.”

Safety by default

Handing your tenant to an AI assistant only works if the guardrails are real. Ours are.

The server is read-only out of the box. Read tools are always on. Write and destructive tools stay dark until you flip them on explicitly with DOPE_ENABLE_MUTATIONS and DOPE_ENABLE_DESTRUCTIVE. No accidental policy changes because a prompt got creative.

Credentials never reach the model. They live in environment variables, and they're never logged.

Get started

Drop this into your MCP client config:

{ "mcpServers": { "dope-security": {
  "command": "uvx", "args": ["dopesecurity-mcp-server"],
  "env": { "DOPE_CLIENT_ID": "…", "DOPE_CLIENT_SECRET": "…" }
} } }

Restart your MCP client, then ask: “What dope.security policies do I have?”

Want to see the rest of the platform? Try dope.security free or book a 20-minute demo.

No items found.
back to blog Home

Related Posts

No items found.
Check
Dope Security logo - links to the home page.
It’s not that we’re mad at yesterday’s cybersecurity.  Just disappointed.  So we made it better.  We made it easier.

We made it dope.
sales@dope.security
Call Us
about
Our Story
Our Crew
Newsroom
Events
Partners
compare
Forcepoint
Zscaler
Cisco Umbrella
Netskope
Testimonials
documentation
Support
User Manual
[ DOPE.FOOTER ]
© 2026 dope.security Inc.
Made with
in California
EULAPRIVACYLEGALmanage cookies