Can I block a malicious IP address directly from my agent?

Yes. Using the `create_ip_acl_rule` tool, you can immediately add an IP or CIDR range to your global denylist (black list) to mitigate threats as soon as they are identified during your security audit.

Is it possible to triage vulnerabilities and change their status via chat?

Absolutely. You can use `update_vulnerability_status` to change a vulnerability's lifecycle status (e.g., to closed or false positive) once you have investigated it or applied remediation steps.

Wallarm MCP Server for Claude Desktop 10 tools — connect in under 2 minutes

Name: Wallarm
Availability: InStock
Author: Vinkius

modelcontextprotocol.io/quickstart/user

Built by Vinkius GDPR 10 Tools IDE

Claude Desktop is Anthropic's native application for interacting with Claude AI models on macOS and Windows. It was the first consumer application to ship with built-in MCP support, making it the reference implementation for the Model Context Protocol standard.

Get MCP Server for AI Agents

ASK AI ABOUT THIS MCP SERVER

Open in ChatGPT Open in Claude Open in Perplexity

Vinkius supports streamable HTTP and SSE.

RecommendedModern Approach — Zero Configuration

Vinkius Desktop App

The modern way to manage MCP Servers — no config files, no terminal commands. Install Wallarm and 2,500+ MCP Servers from a single visual interface.

Download Free Open SourceNo signup required

Classic Setup·json

{
  "mcpServers": {
    "wallarm": {
      // Your Vinkius token — get it at cloud.vinkius.com
      "url": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
    }
  }
}

Fully ManagedVinkius Servers

60%Token savings

High SecurityEnterprise-grade

IAMAccess control

EU AI ActCompliant

DLPData protection

V8 IsolateSandboxed

Ed25519Audit chain

<40msKill switch

Stream every event to Splunk, Datadog, or your own webhook in real-time

* Every MCP server runs on Vinkius-managed infrastructure inside AWS - a purpose-built runtime with per-request V8 isolates, Ed25519 signed audit chains, and sub-40ms cold starts optimized for native MCP execution. See our infrastructure

About Wallarm MCP Server

Connect your Wallarm account to any AI agent and secure your API infrastructure through natural conversation.

Claude Desktop is the definitive way to connect Wallarm to your AI workflow. Add the Vinkius Edge URL to your config, restart the app, and Claude immediately exposes all 10 tools in the chat interface — ask a question, Claude calls the right tool, and you see the answer. Zero code, zero context switching.

What you can do

Security Attacks — Monitor and search for active security attacks detected by Wallarm, grouped by vector (SQLi, XSS, etc.)
Granular Hits — Perform deep forensics by searching for individual malicious HTTP request hits with full payloads
Vulnerability Management — List and triage security vulnerabilities discovered in live API traffic directly from your agent
API Inventory — Retrieve the automatically discovered API inventory to see all exposed endpoints and methods
Filtering Nodes — Verify the health and heartbeat status of your deployed WAF and API gateway filtering nodes
IP Control — Audit and manage IP allowlist/denylist rules to immediately block malicious sources or allow trusted partners
Remediation Guidance — Access comprehensive diagnostic data and CWE mappings for specific vulnerabilities

The Wallarm MCP Server exposes 10 tools through the Vinkius. Connect it to Claude Desktop in under two minutes — no API keys to rotate, no infrastructure to provision, no vendor lock-in. Your configuration, your data, your control.

How to Connect Wallarm to Claude Desktop via MCP

Follow these steps to integrate the Wallarm MCP Server with Claude Desktop.

Open Claude Desktop Settings

Go to Settings → Developer → Edit Config to open claude_desktop_config.json

Add the MCP Server

Paste the configuration above into the mcpServers section

Restart Claude Desktop

Close and reopen Claude Desktop to load the new server

Start using Wallarm

Look for the 🔌 icon in the chat — your 10 tools are now available

Why Use Claude Desktop with the Wallarm MCP Server

Claude Desktop by Anthropic provides unique advantages when paired with Wallarm through the Model Context Protocol.

Claude Desktop is the reference MCP client — it was designed alongside the protocol itself, ensuring the most complete and stable MCP implementation available

Zero-code configuration: add a server URL to a JSON file and Claude instantly discovers and exposes all available tools in the chat interface

Claude's extended thinking capability lets it reason through multi-step tool usage, chaining multiple API calls to answer complex questions

Enterprise-grade security with local config storage — your tokens never leave your machine, and connections go directly to the Vinkius Edge network

Wallarm + Claude Desktop Use Cases

Practical scenarios where Claude Desktop combined with the Wallarm MCP Server delivers measurable value.

Interactive data exploration: ask Claude to query DNS records, look up WHOIS data, and cross-reference results in a single conversation

Ad-hoc security audits: type a domain name and let Claude enumerate subdomains, check DNS history, and flag configuration anomalies — all through natural language

Executive briefings: generate comprehensive domain intelligence reports by asking Claude to compile findings into a formatted summary

Learning and training: new team members can explore API capabilities conversationally without needing to read documentation

Wallarm MCP Tools for Claude Desktop (10)

These 10 tools become available when you connect Wallarm to Claude Desktop via MCP:

create_ip_acl_rule

list_type must be "white" or "black". Adds an IP or CIDR range to the global allowlist or denylist

get_client_info

Retrieves details about the Wallarm account, subscription, and feature status

get_discovered_api_inventory

Retrieves the API inventory automatically discovered through passive traffic analysis

get_vulnerability_details

Retrieves comprehensive diagnostic data and exploit evidence for a specific vulnerability ID

list_filtering_nodes

Lists all deployed Wallarm WAF/API gateway filtering nodes

list_ip_acl_rules

Lists configured IP allowlist and denylist rules

search_security_attacks

Searches for security attacks detected by Wallarm, grouped by vector (SQLi, XSS, etc.)

search_security_hits

Shows full request headers and payloads for blocked traffic. Searches for granular individual malicious HTTP request hits intercepted by WAF nodes

search_vulnerabilities

Lists all open security vulnerabilities discovered in live API traffic

update_vulnerability_status

Valid statuses: open, closed, falsepositive. Changes the lifecycle status of a vulnerability (e.g., mark as closed or false positive)

Example Prompts for Wallarm in Claude Desktop

Ready-to-use prompts you can give your Claude Desktop agent to start working with Wallarm immediately.

"List all security attacks detected in the last hour."

"Block the malicious IP address 1.2.3.4 immediately."

"What vulnerabilities are currently open in our production API?"

Troubleshooting Wallarm MCP Server with Claude Desktop

Common issues when connecting Wallarm to Claude Desktop through the Vinkius, and how to resolve them.

Server not appearing after restart

Ensure the JSON is valid (no trailing commas). Check the file path: ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\\Claude\\ (Windows).

Authentication error

Verify your Vinkius token is correct. Go to cloud.vinkius.com to regenerate it if needed.

Tools not showing in chat

Click the 🔌 icon at the bottom of the chat input. If it shows 0 tools, the server may still be connecting — wait a few seconds.

Wallarm + Claude Desktop FAQ

Common questions about integrating Wallarm MCP Server with Claude Desktop.

How does Claude Desktop discover MCP tools?

When Claude Desktop starts, it reads the claude_desktop_config.json file and connects to each configured MCP server. It calls the tools/list endpoint to fetch the schema for every available tool, then surfaces them as clickable options in the chat interface via the 🔌 icon.

What happens if the MCP server is temporarily unavailable?

Claude Desktop handles disconnections gracefully — if the server is unreachable at startup, the tools simply won't appear. Once the server becomes available again, restarting Claude Desktop will re-establish the connection. There is no timeout penalty or error loop.

Can I connect multiple MCP servers simultaneously?

Yes. You can add as many servers as you need in the mcpServers section of the config file. Each server appears as a separate tool provider, and Claude can use tools from multiple servers in a single conversation turn.

Is there a limit on the number of tools per server?

Claude Desktop can handle hundreds of tools per server. However, for optimal LLM performance, Vinkius servers are designed to expose focused, well-documented tool sets rather than overwhelming the model with too many options.

Does Claude Desktop support Streamable HTTP transport?

Yes. Claude Desktop supports both SSE (Server-Sent Events) and the newer Streamable HTTP transport that Vinkius uses. Simply provide the server URL — Claude auto-negotiates the transport protocol.