How to Use the Elastic Security MCP in Cursor
Write security-aware code in Cursor. Query Elastic Security signals and tune detection rules while you build.
Works with every AI agent you already use
…and any MCP-compatible client
Connect Elastic Security MCP to Cursor
Create your Vinkius account to connect Elastic Security to Cursor and route execution through our secure gateway. The platform manages server hosting, runtime updates, and security layers. Configuration requires no manual server provisioning.
Inject live signals into Cursor
Stop guessing what your production environment looks like. Use `search_signals` to bring real-time alert data into your editor context. You can see exactly what processes triggered an alert while you write the patch. It makes debugging security regressions much faster.
Automate rule creation in Cursor
Define your security logic as code and push it to your SIEM. Use `create_rule` to set up new detection logic based on the application patterns you're currently building. It keeps your detection logic in sync with your deployment. You won't have to jump to the dashboard to define new risk scores.
Audit coverage with Cursor
Check if your new code changes are covered by existing detection rules. Use `list_detection_rules` to verify your project's security footprint. You can quickly identify missing logic before you push to production. It turns security auditing into a standard part of your coding workflow.
Set up Elastic Security MCP in Cursor
Prerequisites
- Cursor installed (macOS, Windows, or Linux)
- Active Vinkius subscription with a valid endpoint token
- 1
Open MCP Settings
Go to Cursor Settings → MCP or open the Command Palette (
Cmd+Shift+P/Ctrl+Shift+P) and search for "MCP: Add Server". - 2
Add the Elastic Security MCP
Cursor will create or open
.cursor/mcp.jsonin your project root. Paste the JSON snippet on the right. Replace[YOUR_TOKEN_HERE]with your endpoint token from cloud.vinkius.com. - 3
Enable Agent mode
Open Composer (
Cmd+I/Ctrl+I) and switch to Agent mode using the dropdown at the top. MCP tools are only available in Agent mode. - 4
Verify the connection
Ask Cursor something like "List my recent Elastic Security transactions." If the MCP tools are loaded correctly, Cursor will call the Elastic Security tools automatically. You can also check Settings → MCP for a green status indicator.
{
"mcpServers": {
"elastic-security-mcp": {
"url": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
}
}
}Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Elastic Security. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.
Why Choose Vinkius
Vinkius connects your tools to AI with real-time monitoring and automatic cost savings — all from one dashboard.
Real-time monitoring
Live
visibility into every interaction
Connect your favorite tools to your AI and see exactly what's happening — every request, every response, in real time.
Built-in savings
60%
lower AI costs
Vinkius compresses data between your apps and your AI automatically. Lower bills every month — no configuration required.
Single dashboard
One
place for every integration
Every tool your AI connects to, managed from a single screen. One account, complete control.
Common questions about Elastic Security MCP in Cursor
Use it with your favorite AI tools
Connect this server to Cursor, Claude, VS Code, and more.
Start using the Elastic Security MCP today
We host it, we monitor it, we maintain it. You just paste one token.
