Security ๐งช Community โ Claude Code โ Claude Desktop โข Kaseya
RocketCyber
RocketCyber managed SOC - incidents, agents, events, threat detection
๐ Recommended MCP Server
Pair this plugin with the RocketCyber MCP for direct API access alongside skills and commands.
Installation
Install this plugin individually:
/plugin marketplace add wyre-technology/msp-claude-plugins --plugin rocketcyber Or install all MSP plugins at once:
/plugin marketplace add wyre-technology/msp-claude-plugins Features
- Account Hierarchy
- Agent Monitoring
- Application Inventory
- Incident Management
Skills
This plugin provides 5 skills that teach Claude about RocketCyber:
| Skill | Description |
|---|---|
accounts | Use this skill when working with RocketCyber accounts - provider/customer hierarchy, account management, sub-account navigation, account settings, and security policy configuration. |
agents | Use this skill when working with RocketCyber agents (RocketAgent) - deployment, communication status, health monitoring, and troubleshooting. |
apps | Use this skill when working with RocketCyber application inventory - detecting, categorizing, and monitoring applications across managed endpoints. |
incidents | Use this skill when working with RocketCyber security incidents - searching, triaging, investigating, and resolving incidents. |
api-patterns | Use this skill when working with the RocketCyber API - authentication, Bearer token flow, base URL selection, pagination, rate limiting, error handling, and account hierarchy. |
Agents
This plugin provides 2 agents for autonomous task execution:
| Agent | Description |
|---|---|
soc-alert-investigator | Use this agent when an MSP needs to investigate and triage RocketCyber SOC alerts and security incidents across their client portfolio. |
threat-correlation-analyst | Use this agent when an MSP needs to correlate RocketCyber SOC detections with broader security context from across the Kaseya ecosystem โ cross-referencing incidents with Datto RMM device data, IT Glue documentation, and Autotask ticket history to build richer threat narratives and identify whether incidents are isolated or part of a broader pattern. |
Commands
Available slash commands:
| Command | Description |
|---|---|
/account-summary | Get a security posture summary for a RocketCyber customer account |
/search-incidents | Search RocketCyber security incidents by account, status, severity, verdict, and date range |
API Reference
| Base URL | |
| Authentication | |
| Rate Limit | |
| Documentation |
Example Usage
Get a security posture summary for a RocketCyber customer account
/account-summarySearch RocketCyber security incidents by account, status, severity, verdict, and date range
/search-incidentsUsing Skills
/skill rocketcyber:accounts
Use this skill when working with RocketCyber accounts - provider/customer hierarchy, account management, sub-account navigation, account settings, and security policy configuration.