naftiko: 1.0.0-alpha2 info: label: Symantec Endpoint Security Management description: Unified endpoint security management capability for Symantec/Broadcom products. Enables security operations teams to manage endpoint protection infrastructure, query protected devices, administer groups, and manage administrator accounts via the SEPM REST API. tags: - Broadcom - Cybersecurity - Endpoint Protection - Endpoint Security - Groups - SEPM - Security Operations - Symantec created: '2026-05-03' modified: '2026-05-06' binds: - namespace: env keys: SEPM_USERNAME: SEPM_USERNAME SEPM_PASSWORD: SEPM_PASSWORD SEPM_HOST: SEPM_HOST SEPM_BEARER_TOKEN: SEPM_BEARER_TOKEN capability: consumes: - type: http namespace: sepm baseUri: https://{SEPM_HOST}:8446/sepm/api/v1 description: Symantec Endpoint Protection Manager REST API authentication: type: bearer token: '{{SEPM_BEARER_TOKEN}}' resources: - name: computers path: /computers description: Endpoint computer management operations: - name: list-computers method: GET description: List Computers inputParameters: - name: computerName in: query type: string required: false description: Filter by computer name - name: pageSize in: query type: integer required: false description: Results per page (max 1000) - name: pageIndex in: query type: integer required: false description: Page number outputRawFormat: json outputParameters: - name: result type: object value: $. - name: groups path: /groups description: SEPM group management operations: - name: list-groups method: GET description: List Groups outputRawFormat: json outputParameters: - name: result type: object value: $. - name: create-group method: POST description: Create Group inputParameters: - name: name in: body type: string required: true description: Group name - name: description in: body type: string required: false description: Group description outputRawFormat: json outputParameters: - name: result type: object value: $. - name: administrators path: /admin/admins description: SEPM administrator management operations: - name: list-administrators method: GET description: List Administrators outputRawFormat: json outputParameters: - name: result type: object value: $. exposes: - type: rest port: 8080 namespace: symantec-security-api description: Unified REST API for Symantec endpoint security management. resources: - path: /v1/computers name: computers description: Manage protected endpoint computers operations: - method: GET name: list-computers description: List Computers call: sepm.list-computers with: computerName: rest.computerName pageSize: rest.pageSize pageIndex: rest.pageIndex outputParameters: - type: object mapping: $. - path: /v1/computers/{computerId} name: computer-detail description: Single computer management operations: - method: DELETE name: remove-computer description: Remove Computer call: sepm.list-computers with: computerId: rest.computerId outputParameters: - type: object mapping: $. - path: /v1/groups name: groups description: SEPM group management operations: - method: GET name: list-groups description: List Groups call: sepm.list-groups outputParameters: - type: object mapping: $. - method: POST name: create-group description: Create Group call: sepm.create-group with: name: rest.name description: rest.description outputParameters: - type: object mapping: $. - path: /v1/administrators name: administrators description: SEPM administrator accounts operations: - method: GET name: list-administrators description: List Administrators call: sepm.list-administrators outputParameters: - type: object mapping: $. - type: mcp port: 9090 namespace: symantec-security-mcp transport: http description: MCP server for AI-assisted Symantec endpoint security management. tools: - name: list-computers description: List all endpoints managed by SEPM with status, OS, SEP version, and last scan time hints: readOnly: true idempotent: true call: sepm.list-computers with: computerName: tools.computerName pageSize: tools.pageSize outputParameters: - type: object mapping: $. - name: search-computers-by-name description: Search for specific computers by hostname in SEPM hints: readOnly: true idempotent: true call: sepm.list-computers with: computerName: tools.computerName outputParameters: - type: object mapping: $. - name: list-groups description: List all SEPM groups with computer counts and policy settings hints: readOnly: true idempotent: true call: sepm.list-groups outputParameters: - type: object mapping: $. - name: create-group description: Create a new computer group in SEPM for policy segmentation hints: readOnly: false destructive: false idempotent: false call: sepm.create-group with: name: tools.name description: tools.description outputParameters: - type: object mapping: $. - name: list-administrators description: List all SEPM administrator accounts and their roles hints: readOnly: true idempotent: true call: sepm.list-administrators outputParameters: - type: object mapping: $.