- What: Command Zero releases APIs for security investigations
- Impact: Enhances integration with existing security tools
Security Operations, API security, AI/ML

Command Zero releases APIs to enable programmatic security investigations

May 1, 2026

By SC Staff

Per Silicon Angle, Command Zero Inc. has launched a suite of application programming interface (API) endpoints and a Model Context Protocol (MCP) server for its autonomous security operations center platform. This new offering allows customers to programmatically drive threat hunts, investigations, and remediation efforts, moving beyond the limitations of the vendor's console.

The new API endpoints enable security operations teams to integrate Command Zero's investigation engine into their existing security orchestration, automation, and response (SOAR) playbooks, pipelines, and internal tools. The MCP server allows AI agents to directly query the platform, perform health checks, triage cases, and build dashboards via a chat interface.

The release includes endpoints for investigations, business context (pulling data from sources like ServiceNow and HR systems), catalog and schema queries, and remediation actions. Use cases range from automatically starting investigations upon alert firing to enabling custom threat hunting frameworks and allowing managed security service providers to sync client business context across tenants.

This move comes as the industry sees a race to add agentic capabilities and new autonomous SOC platforms emerge. By opening up these capabilities via APIs and MCP, Command Zero allows customers to weave autonomous investigations into their current tools and workflows without requiring a full replacement.

Source: Silicon Angle