Armor1
Overview
Visualize MCP (Model Context Protocol) server security risks and developer usage patterns across your organization. Monitor configured MCP servers for supply chain vulnerabilities, risky tool exposure, and insecure authentication modes. Track which developers are using which MCP servers and correlate risk posture with user activity.
Configurations
| Configuration | Description |
|---|---|
| Blueprint Account Name | A human-readable name for your account that will be used to identify this account across the application. |
| Armor1 Base URL | The Armor1 API base URL (e.g. https://stage-api.armor1.ai/). Found in your Armor1 tenant settings. |
| Armor1 Client ID | The client uaddress used to authenticate with the Armor1 API (e.g. mykey@client.armor1). Generated in your Armor1 tenant under Settings > API Keys. |
| Armor1 Client Secret | The client secret associated with the Client ID. Treat this as a password — store it securely. |
| Data Crawl Frequency | The frequency at which Kscope will connect to Armor1 and collect updated MCP security data. |
Permissions
The Armor1 blueprint requires a Client credential pair with the following scopes assigned in Armor1:
| Scope | Why it's needed |
|---|---|
read:tenant | Access tenant metadata and configuration |
read:tenant_users | List platform users within the tenant |
read:tenant_clients | List API clients (uaddress identities) registered in the tenant |
read:mcp_servers | Read MCP server catalog entries and their risk analysis |
read:mcp_users | Access developer user profiles and MCP usage data |
read:mcp_clients | Read MCP client catalog data to correlate servers with users |
read:groups | Read user groups used for policy and access management |
read:policies | Read policy instances governing MCP server and user access |
read:skills | Read AI skill catalog entries and their risk assessments |
Important Notes:
- Create a dedicated API client in Armor1 for Kscope — avoid using personal credentials
- The client only requires read-level access — no write operations are performed
- Credentials are scoped to a single tenant; configure one blueprint per tenant
For more information about Armor1 API authentication, refer to the Armor1 API Documentation.
Schema Model
| Resource | Source Entity | Normalized Entity | Description |
|---|---|---|---|
| Armor1 Tenant | armor1.tenant.Tenant | Tenant | The root Armor1 tenant node |
| Tenant User | armor1.tenant.TenantUser | TenantUser | A platform user within the Armor1 tenant |
| Tenant Client | armor1.tenant.TenantClient | TenantClient | An API client (uaddress identity) registered in the tenant |
| MCP Server Catalog | armor1.mcpserver.MCPServerCatalog | MCPServerCatalog | A configured MCP server with risk analysis and tool definitions |
| MCP Server Risk Analysis | armor1.mcpserver.MCPServerRiskAnalysis | MCPServerRiskAnalysis | Computed risk score and status for an MCP server |
| MCP Tool | armor1.mcpserver.MCPTool | MCPTool | A tool exposed by an MCP server |
| MDM Device User | armor1.mdm.MDMUser | MDMUser | A developer using MCP clients on a managed device |
| Platform User | armor1.user.User | User | An Armor1 platform user with roles and permission scopes |
| MCP Client Catalog | armor1.mcpclient.MCPClientCatalog | MCPClientCatalog | A registered MCP client application within the tenant |
| Group | armor1.group.Group | Group | A user group used for policy and access management |
| Policy Instance | armor1.policy.PolicyInstance | PolicyInstance | An applied policy governing MCP server or user access |
| Shadow Server Catalog | armor1.shadowserver.ShadowServerCatalog | ShadowServerCatalog | An unauthorized or unmanaged MCP server discovered on a managed device |
| Skill Catalog | armor1.skill.SkillCatalog | SkillCatalog | A registered AI skill (agent capability) within the tenant |
| Skill Risk Assessment | armor1.skill.SkillRiskAssessment | SkillRiskAssessment | Computed risk score and status for an AI skill |
| Risk Assessment | armor1.risk.RiskAssessment | RiskAssessment | Overall risk posture snapshot for an MDM device user |
| Risk Assessment Record | armor1.risk.RiskAssessmentRecord | RiskAssessmentRecord | A per-metric evaluation within a risk assessment |
| Risk Metric | armor1.risk.RiskMetric | RiskMetric | A shared metric definition used to score risk assessments |
Security Insights
The Armor1 blueprint feeds data into the following analyzers:
| Analyzer | What it detects |
|---|---|
| AI Security | MCP server supply chain risks, risky tool exposure, insecure auth modes, and developer risk posture |
| Application | Application-level risk scoring incorporating MCP server risk data |
Insight Models
| Model ID | Alert | Description |
|---|---|---|
| SB-Armor1-HighRiskServers | High-Risk MCP Servers Detected | MCP server catalogs with RiskLevel = danger |
| SB-Armor1-ShadowServers | Shadow MCP Servers Detected | Shadow servers with no matching curated catalog entry |
| SB-Armor1-ExpiredServerTrust | MCP Server Trust Expired | Curated servers with Officiality = expired |
| SB-Armor1-HighRiskClients | High-Risk MCP Clients Detected | MCP client catalogs with RiskLevel = danger |
| SB-Armor1-RiskPostureChange | MCP Risk Posture Degraded | Servers or clients with warning or danger risk level |
| SB-Armor1-OpenRemediationActions | Open MCP Remediation Actions | Risk assessment records in failure or warning status |
| SB-Armor1-DevicesWithoutOwner | Unowned MDM Devices | MDM device users with no linked platform identity |
| SB-Armor1-HighRiskSkills | High-Risk AI Skills | Skill catalog entries with warning or danger risk level |
| SB-Armor1-UsersExposedHighRiskServers | Users Exposed to High-Risk MCP Servers | Platform users whose devices connect to high-risk or shadow servers |
| SB-Armor1-UsersExposedHighRiskClients | Users Exposed to High-Risk MCP Clients | Platform users whose devices have high-risk remediation assessments |
Correlations
Internal (within Armor1)
| From | Relationship | To | Description |
|---|---|---|---|
| Tenant | TenantHasUser | TenantUser | Platform users belonging to this tenant |
| Tenant | TenantHasClient | TenantClient | API clients (uaddress identities) registered in the tenant |
| Tenant | TenantHasMCPServer | MCPServerCatalog | MCP servers owned by this tenant |
| Tenant | TenantHasMCPClient | MCPClientCatalog | MCP client catalogs configured in this tenant |
| Tenant | TenantHasMDMUser | MDMUser | MDM device users within this tenant |
| Tenant | TenantHasGroup | Group | User groups scoped to this tenant |
| Tenant | TenantHasPolicy | PolicyInstance | Policy instances governing this tenant |
| Tenant | TenantHasRiskAssessment | RiskAssessment | Risk assessments belonging to this tenant |
| Tenant | TenantOwnsSkill | SkillCatalog | AI skills owned by this tenant |
| MDMUser | MDMUserHasPlatformIdentity | User | Resolves device-bound identity to platform user |
| MDMUser | MDMUserRunsClient | MCPClientCatalog | AI clients active on a managed device |
| MDMUser | MDMUserConnectsToServer | MCPServerCatalog | Curated servers each device reaches |
| MDMUser | MDMUserCurrentRiskAssessment | RiskAssessment | Current overall risk assessment for a device user |
| MCPServerCatalog | ServerHasCurrentRiskAnalysis | MCPServerRiskAnalysis | Server linked to its latest risk analysis |
| MCPClientCatalog | ClientCatalogLoadsServer | MCPServerCatalog | Servers each client class loads across the tenant |
| ShadowServerCatalog | ShadowServerResolvesToCurated | MCPServerCatalog | Unresolved shadow server matched to catalog entry |
| ShadowServerCatalog | ShadowServerDiscoveredOn | MDMUser | Device where the shadow server was observed |
| Group | GroupHasMember | MDMUser | MDM device users who are members of this group |
| Group | GroupHasPolicy | PolicyInstance | Policy instances assigned to this group |
| RiskAssessment | RiskAssessmentContainsRecord | RiskAssessmentRecord | Assessment to its per-metric evaluations |
| RiskAssessmentRecord | RiskRecordEvaluatedByMetric | RiskMetric | Record linked to its shared metric definition |
| SkillCatalog | SkillHasCurrentRiskAssessment | SkillRiskAssessment | Skill to its most recent risk assessment |
| User | UserHasRole | Role | Permission bundles assigned to each platform user |
| Role | RoleGrantsScope | Scope | Permission atoms within each role |
Cross-Blueprint (enterprise blast radius)
| From | Relationship | To | Description |
|---|---|---|---|
armor1.mdm.MDMUser | korweave.UserSharedIdentity | aws.iam.User | MCP exposure → cloud IAM (matches Email → IAM UserName) |
armor1.mdm.MDMUser | korweave.UserSharedIdentity | github.organization.User | MCP risk → repository access (email federation) |
armor1.mdm.MDMUser | korweave.UserSharedIdentity | jira.account.User | Exposed MDM identity → Jira projects and issues |
armor1.mdm.MDMUser | korweave.DeviceOwnerHasIAMAccess | aws.iam.User | Device user → cloud IAM (when UserID matches IAM UserName) |
armor1.mcpserver.MCPServerCatalog | armor1.ServerCatalogHasNpmPackage | npm.package.Package | Supply chain risk traversal via npm package |
armor1.mcpserver.MCPServerCatalog | armor1.ServerCatalogHasSourceRepo | github.repository.Repository | HIGH risk server → source repo write access |