framework-mcp 1.3.7 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,553 @@
1
+ # LLM Analysis Patterns for Framework MCP v1.4.0
2
+
3
+ This guide demonstrates advanced analysis patterns enabled by Framework MCP's Pure Data Provider architecture. LLMs can now perform sophisticated, context-aware vendor capability analysis with unprecedented flexibility.
4
+
5
+ ## 🎯 Core Analysis Philosophy
6
+
7
+ **Pure Data + Intelligent Analysis**: Framework MCP provides authoritative CIS Controls data while LLMs apply sophisticated reasoning, context awareness, and custom methodologies for vendor assessment.
8
+
9
+ ## 📋 Standard Analysis Patterns
10
+
11
+ ### 1. Basic Capability Assessment
12
+
13
+ **Pattern**: Get safeguard data → Analyze vendor response → Determine capability role
14
+
15
+ ```bash
16
+ claude-code "Get safeguard details for 5.1, then analyze this vendor response:
17
+ Okta - 'Our identity platform provides centralized user management, automated provisioning workflows, role-based access controls, and quarterly access reviews with compliance reporting.'
18
+
19
+ Determine the appropriate capability role and provide confidence assessment."
20
+ ```
21
+
22
+ **Expected LLM Analysis**:
23
+ ```
24
+ CAPABILITY ASSESSMENT: Okta vs Safeguard 5.1
25
+
26
+ PRIMARY ROLE: FULL
27
+ ADDITIONAL ROLES: GOVERNANCE, VALIDATES
28
+ CONFIDENCE: 89%
29
+
30
+ REASONING:
31
+ ✅ Core Requirements: Complete user inventory and centralized management
32
+ ✅ Sub-Elements: Automated workflows and role-based controls
33
+ ✅ Governance: Quarterly review processes and compliance frameworks
34
+ ✅ Validation: Reporting and audit capabilities
35
+
36
+ RECOMMENDATION: Strong FULL capability with governance and validation features. Suitable for IG2-IG3 implementations.
37
+ ```
38
+
39
+ ### 2. Comparative Multi-Vendor Analysis
40
+
41
+ **Pattern**: Get safeguard data → Compare multiple vendors → Rank and recommend
42
+
43
+ ```bash
44
+ claude-code "Get safeguard 1.1 details. Compare these asset management solutions for a 500-employee technology company:
45
+
46
+ 1. Lansweeper: 'Automated network discovery, comprehensive hardware/software inventory, real-time asset tracking'
47
+ 2. ServiceNow CMDB: 'Configuration management database, workflow automation, change tracking'
48
+ 3. Microsoft Intune: 'Managed device inventory, Azure AD integration, mobile device management'
49
+
50
+ Rank by implementation completeness and provide deployment recommendations."
51
+ ```
52
+
53
+ **Expected LLM Analysis**:
54
+ ```
55
+ COMPARATIVE ANALYSIS: Asset Management Solutions (Safeguard 1.1)
56
+
57
+ RANKING BY IMPLEMENTATION COMPLETENESS:
58
+
59
+ 🥇 LANSWEEPER (FULL + VALIDATES)
60
+ - Comprehensive automated discovery
61
+ - Real-time tracking capabilities
62
+ - Strong technical implementation
63
+ - Deployment: Medium complexity, 2-3 months
64
+
65
+ 🥈 MICROSOFT INTUNE (PARTIAL + GOVERNANCE)
66
+ - Limited to managed devices only
67
+ - Strong Azure integration advantage
68
+ - Good governance capabilities
69
+ - Deployment: Low complexity (if Microsoft stack), 1-2 months
70
+
71
+ 🥉 SERVICENOW CMDB (FACILITATES + GOVERNANCE)
72
+ - Requires manual data entry processes
73
+ - Excellent workflow and governance
74
+ - Facilitates comprehensive tracking
75
+ - Deployment: High complexity, 4-6 months
76
+
77
+ RECOMMENDATION FOR 500-EMPLOYEE TECH COMPANY:
78
+ - Primary: Lansweeper for immediate IG1 compliance
79
+ - Consider: Intune if Microsoft-centric environment
80
+ - Future: ServiceNow for enterprise maturity and complex workflows
81
+ ```
82
+
83
+ ## 🎨 Advanced Analysis Patterns
84
+
85
+ ### 3. Compliance-Focused Assessment
86
+
87
+ **Pattern**: Get safeguard data → Apply compliance framework → Assess vendor capability
88
+
89
+ ```bash
90
+ claude-code "Get safeguard 8.2 details. For a PCI-DSS Level 1 merchant processing 10M+ transactions annually, analyze Splunk Enterprise Security:
91
+
92
+ 'Centralized log management, real-time security monitoring, automated threat detection, compliance reporting, and data retention policies.'
93
+
94
+ Focus on PCI-DSS requirements and provide implementation timeline."
95
+ ```
96
+
97
+ **Expected LLM Analysis**:
98
+ ```
99
+ PCI-DSS COMPLIANCE ANALYSIS: Splunk Enterprise Security vs Safeguard 8.2
100
+
101
+ CAPABILITY: FULL + VALIDATES + GOVERNANCE
102
+ PCI-DSS ALIGNMENT: 94%
103
+
104
+ PCI-DSS REQUIREMENT MAPPING:
105
+ ✅ 10.2 - Automated log generation for security events
106
+ ✅ 10.3 - Record keeping for all system components
107
+ ✅ 10.5 - File integrity monitoring capabilities
108
+ ✅ 10.6 - Daily log review processes
109
+ ✅ 10.7 - Retention policies (1 year online, 3 years archive)
110
+
111
+ STRENGTHS FOR PCI-DSS:
112
+ - Real-time monitoring meets continuous compliance
113
+ - Automated reporting reduces manual audit burden
114
+ - Centralized architecture supports scope reduction
115
+ - Built-in retention policies align with requirements
116
+
117
+ IMPLEMENTATION TIMELINE:
118
+ - Phase 1 (Months 1-2): Core deployment and log source integration
119
+ - Phase 2 (Months 3-4): Compliance dashboard and reporting setup
120
+ - Phase 3 (Months 5-6): Advanced threat detection and response automation
121
+
122
+ GAP CONSIDERATIONS:
123
+ - Ensure cardholder data environment (CDE) log segregation
124
+ - Configure specific PCI-DSS compliance reports
125
+ - Establish incident response playbooks
126
+ ```
127
+
128
+ ### 4. Risk-Based Threat Assessment
129
+
130
+ **Pattern**: Get safeguard data → Consider threat landscape → Assess defensive capability
131
+
132
+ ```bash
133
+ claude-code "Get details for safeguards 13.1, 13.3, and 13.6. Our financial services organization faces advanced persistent threats (APTs) and ransomware.
134
+
135
+ Analyze CrowdStrike Falcon's network monitoring capability: 'Cloud-native endpoint detection, behavioral analytics, threat intelligence integration, automated response, and real-time network visibility.'
136
+
137
+ Prioritize safeguards by threat mitigation effectiveness."
138
+ ```
139
+
140
+ **Expected LLM Analysis**:
141
+ ```
142
+ THREAT-FOCUSED ANALYSIS: CrowdStrike Falcon vs Network Monitoring Safeguards
143
+
144
+ THREAT CONTEXT: Financial Services + APTs + Ransomware
145
+
146
+ SAFEGUARD PRIORITY RANKING:
147
+
148
+ 1. 🚨 SAFEGUARD 13.1 (CRITICAL - FULL + VALIDATES)
149
+ Network Boundary Monitoring
150
+ - Real-time visibility detects lateral movement
151
+ - Critical for APT detection and containment
152
+ - Threat Score: 95% (Highest priority for APTs)
153
+
154
+ 2. 🔍 SAFEGUARD 13.3 (HIGH - FULL + VALIDATES)
155
+ Network Traffic Flow Monitoring
156
+ - Behavioral analytics identify anomalous patterns
157
+ - Essential for ransomware early detection
158
+ - Threat Score: 88% (High priority for data exfiltration)
159
+
160
+ 3. 🛡️ SAFEGUARD 13.6 (MEDIUM - PARTIAL + FACILITATES)
161
+ Deny Network Communications
162
+ - Automated response supports blocking
163
+ - Limited without network infrastructure integration
164
+ - Threat Score: 72% (Effective but requires orchestration)
165
+
166
+ APT MITIGATION STRENGTHS:
167
+ - Cloud-native architecture resists tampering
168
+ - Behavioral analytics detect living-off-the-land techniques
169
+ - Threat intelligence provides IOC correlation
170
+ - Automated response reduces dwell time
171
+
172
+ RANSOMWARE PROTECTION:
173
+ - Early detection of encryption activities
174
+ - Network segmentation enforcement support
175
+ - Rapid containment and isolation capabilities
176
+
177
+ RECOMMENDATION:
178
+ Primary strength in 13.1 and 13.3 for threat detection. Supplement 13.6 with network access control integration for complete coverage.
179
+ ```
180
+
181
+ ### 5. Technology Stack Integration Assessment
182
+
183
+ **Pattern**: Get safeguard data → Consider existing technology → Assess integration potential
184
+
185
+ ```bash
186
+ claude-code "Get safeguard 16.1 details. Our development team uses:
187
+ - Azure DevOps for CI/CD
188
+ - GitHub for source control
189
+ - Docker containers
190
+ - Kubernetes orchestration
191
+
192
+ Analyze SonarQube's secure development capability: 'Static application security testing, code quality analysis, DevOps integration, policy enforcement, and security reporting.'
193
+
194
+ Recommend integration approach and configuration."
195
+ ```
196
+
197
+ **Expected LLM Analysis**:
198
+ ```
199
+ DEVOPS INTEGRATION ANALYSIS: SonarQube vs Safeguard 16.1
200
+
201
+ CAPABILITY: FULL + GOVERNANCE + VALIDATES
202
+ INTEGRATION FIT: 92% (Excellent)
203
+
204
+ TECHNOLOGY STACK ALIGNMENT:
205
+
206
+ ✅ AZURE DEVOPS INTEGRATION
207
+ - Native YAML pipeline support
208
+ - Quality gates and build blocking
209
+ - Automated policy enforcement
210
+ - Pull request decoration
211
+
212
+ ✅ GITHUB INTEGRATION
213
+ - GitHub Actions compatibility
214
+ - PR checks and status updates
215
+ - Branch protection policy support
216
+ - Security advisory correlation
217
+
218
+ ✅ CONTAINER/K8S SUPPORT
219
+ - Docker image scanning capabilities
220
+ - Kubernetes manifest analysis
221
+ - Infrastructure-as-Code security
222
+ - Container registry integration
223
+
224
+ IMPLEMENTATION APPROACH:
225
+
226
+ Phase 1: Core Integration (Weeks 1-2)
227
+ ```yaml
228
+ # Azure DevOps Pipeline Integration
229
+ - task: SonarQubePrepare@4
230
+ inputs:
231
+ SonarQube: 'SonarQube-Connection'
232
+ scannerMode: 'MSBuild'
233
+ projectKey: 'MyProject'
234
+
235
+ - task: SonarQubeAnalyze@4
236
+
237
+ - task: SonarQubePublish@4
238
+ inputs:
239
+ pollingTimeoutSec: '300'
240
+ ```
241
+
242
+ Phase 2: Quality Gates (Weeks 3-4)
243
+ - Configure quality profiles for your tech stack
244
+ - Set up security-focused quality gates
245
+ - Implement branch protection policies
246
+ - Enable automated PR blocking
247
+
248
+ Phase 3: Advanced Security (Weeks 5-6)
249
+ - Security hotspot review workflows
250
+ - SAST integration with SIEM/SOAR
251
+ - Compliance reporting automation
252
+ - Developer security training integration
253
+
254
+ CONFIGURATION RECOMMENDATIONS:
255
+ - Enable security-focused quality profiles
256
+ - Configure OWASP Top 10 rule sets
257
+ - Implement mandatory security reviews
258
+ - Set up vulnerability tracking integration
259
+ ```
260
+
261
+ ## 🔄 Dynamic Analysis Patterns
262
+
263
+ ### 6. Gap Analysis and Roadmap Planning
264
+
265
+ **Pattern**: Get multiple safeguard data → Assess current coverage → Plan implementation roadmap
266
+
267
+ ```bash
268
+ claude-code "Get details for safeguards 5.1, 5.2, 5.3, and 5.4 (all account management safeguards).
269
+
270
+ Our current IAM stack:
271
+ - Azure AD for authentication
272
+ - Basic user provisioning
273
+ - Manual quarterly reviews
274
+ - No privileged account management
275
+
276
+ Analyze gaps against CIS requirements and create 12-month implementation roadmap."
277
+ ```
278
+
279
+ **Expected LLM Analysis**:
280
+ ```
281
+ IAM GAP ANALYSIS & ROADMAP: Current State vs CIS Account Management (5.1-5.4)
282
+
283
+ CURRENT CAPABILITY ASSESSMENT:
284
+
285
+ ✅ 5.1 (Account Inventory) - PARTIAL
286
+ - Azure AD provides user directory
287
+ - Missing automated inventory processes
288
+ - Gap: Real-time account tracking
289
+
290
+ ❌ 5.2 (Automated Provisioning) - MINIMAL
291
+ - Basic provisioning only
292
+ - Manual deprovisioning processes
293
+ - Gap: Lifecycle automation
294
+
295
+ ❌ 5.3 (Privileged Account Management) - MISSING
296
+ - No PAM solution in place
297
+ - Shared admin accounts
298
+ - Gap: Complete privileged access control
299
+
300
+ 🔍 5.4 (Account Access Review) - PARTIAL
301
+ - Quarterly manual reviews
302
+ - No automated workflows
303
+ - Gap: Continuous monitoring and automation
304
+
305
+ 12-MONTH IMPLEMENTATION ROADMAP:
306
+
307
+ QUARTER 1 (Months 1-3): Foundation
308
+ - Deploy Azure AD Premium (automated provisioning)
309
+ - Implement automated user lifecycle management
310
+ - Establish privileged account inventory
311
+ - Target: 5.1 → FULL, 5.2 → PARTIAL
312
+
313
+ QUARTER 2 (Months 4-6): Privileged Access
314
+ - Deploy CyberArk or Azure PIM
315
+ - Migrate shared accounts to PAM
316
+ - Implement just-in-time access
317
+ - Target: 5.3 → FULL
318
+
319
+ QUARTER 3 (Months 7-9): Review Automation
320
+ - Deploy access review automation
321
+ - Implement risk-based reviews
322
+ - Set up compliance reporting
323
+ - Target: 5.4 → FULL
324
+
325
+ QUARTER 4 (Months 10-12): Optimization
326
+ - Fine-tune automated processes
327
+ - Implement advanced analytics
328
+ - Establish continuous monitoring
329
+ - Target: All safeguards → FULL + VALIDATES
330
+
331
+ BUDGET CONSIDERATIONS:
332
+ - Azure AD Premium: $6/user/month
333
+ - PAM solution: $30-50/privileged user/month
334
+ - Implementation services: $150K-200K
335
+ - Training and change management: $50K
336
+
337
+ SUCCESS METRICS:
338
+ - Time to provision/deprovision: <4 hours
339
+ - Privileged access review frequency: Weekly
340
+ - Account accuracy: >99%
341
+ - Compliance audit score: >95%
342
+ ```
343
+
344
+ ### 7. Custom Assessment Methodology
345
+
346
+ **Pattern**: Define custom criteria → Get safeguard data → Apply methodology → Assess vendor
347
+
348
+ ```bash
349
+ claude-code "Get safeguard 12.4 details. Using a 'Zero Trust Network Architecture' assessment methodology, analyze Palo Alto Prisma:
350
+
351
+ 'Next-generation firewall, cloud security, advanced threat detection, micro-segmentation, identity-based policies.'
352
+
353
+ Assessment criteria:
354
+ 1. Identity verification (40% weight)
355
+ 2. Device verification (25% weight)
356
+ 3. Network micro-segmentation (25% weight)
357
+ 4. Continuous monitoring (10% weight)
358
+
359
+ Provide weighted scoring and Zero Trust alignment assessment."
360
+ ```
361
+
362
+ **Expected LLM Analysis**:
363
+ ```
364
+ ZERO TRUST ASSESSMENT: Palo Alto Prisma vs Safeguard 12.4
365
+
366
+ ZERO TRUST METHODOLOGY SCORING:
367
+
368
+ 1. IDENTITY VERIFICATION (40% weight) - Score: 85/100
369
+ ✅ Identity-based policy enforcement
370
+ ✅ User and device context awareness
371
+ ⚠️ Limited behavioral analytics (compared to dedicated UEBA)
372
+ Weighted Score: 34/40
373
+
374
+ 2. DEVICE VERIFICATION (25% weight) - Score: 90/100
375
+ ✅ Advanced device fingerprinting
376
+ ✅ Continuous device trust assessment
377
+ ✅ Integration with endpoint protection
378
+ Weighted Score: 22.5/25
379
+
380
+ 3. NETWORK MICRO-SEGMENTATION (25% weight) - Score: 95/100
381
+ ✅ Application-level micro-segmentation
382
+ ✅ Dynamic policy enforcement
383
+ ✅ East-west traffic inspection
384
+ Weighted Score: 23.75/25
385
+
386
+ 4. CONTINUOUS MONITORING (10% weight) - Score: 88/100
387
+ ✅ Real-time threat detection
388
+ ✅ Automated response capabilities
389
+ ✅ Advanced analytics and ML
390
+ Weighted Score: 8.8/10
391
+
392
+ OVERALL ZERO TRUST SCORE: 89.05/100
393
+
394
+ ZERO TRUST ALIGNMENT ASSESSMENT:
395
+
396
+ STRENGTHS:
397
+ - Excellent micro-segmentation capabilities align with Zero Trust principles
398
+ - Strong device verification and policy enforcement
399
+ - Comprehensive east-west traffic visibility
400
+ - Integration with cloud and on-premises environments
401
+
402
+ AREAS FOR ENHANCEMENT:
403
+ - Identity verification could benefit from UEBA integration
404
+ - Consider supplementing with dedicated identity analytics
405
+ - Enhance behavioral-based risk scoring
406
+
407
+ SAFEGUARD 12.4 MAPPING:
408
+ - CAPABILITY: FULL + VALIDATES
409
+ - Zero Trust Readiness: EXCELLENT (89%)
410
+ - Implementation Complexity: MEDIUM-HIGH
411
+
412
+ RECOMMENDATION:
413
+ Strong foundation for Zero Trust network architecture. Supplement with identity analytics platform for comprehensive Zero Trust implementation.
414
+ ```
415
+
416
+ ## 🎓 Educational Analysis Patterns
417
+
418
+ ### 8. Learning-Focused Assessment
419
+
420
+ **Pattern**: Get safeguard data → Explain requirements → Demonstrate analysis thinking
421
+
422
+ ```bash
423
+ claude-code "Get safeguard 11.1 details and explain each element in detail. Then analyze Acronis Cyber Backup:
424
+
425
+ 'Automated backup scheduling, versioning, encryption, cloud replication, recovery testing, and compliance reporting.'
426
+
427
+ Walk through your analysis process step-by-step to demonstrate how to assess vendor capabilities against CIS requirements."
428
+ ```
429
+
430
+ **Expected Educational LLM Analysis**:
431
+ ```
432
+ EDUCATIONAL ANALYSIS: Understanding CIS Safeguard 11.1 Assessment
433
+
434
+ STEP 1: UNDERSTANDING THE SAFEGUARD
435
+ Safeguard 11.1: "Establish and Maintain a Data Recovery Process"
436
+
437
+ CORE REQUIREMENTS (What MUST be done):
438
+ - Automated backup processes
439
+ - Regular backup verification
440
+ - Recovery procedures documentation
441
+ - Testing of recovery capabilities
442
+
443
+ SUB-ELEMENTS (Detailed components):
444
+ - Backup scheduling and automation
445
+ - Data encryption and protection
446
+ - Off-site storage and replication
447
+ - Recovery time/point objectives
448
+ - Documentation and procedures
449
+
450
+ GOVERNANCE ELEMENTS (Policy/Process):
451
+ - Backup policies and procedures
452
+ - Recovery testing schedules
453
+ - Compliance and audit requirements
454
+ - Roles and responsibilities
455
+
456
+ STEP 2: VENDOR RESPONSE ANALYSIS
457
+ Acronis Cyber Backup Claims Analysis:
458
+
459
+ ✅ "Automated backup scheduling"
460
+ → Directly addresses core requirement for automation
461
+ → Evidence: Strong implementation language
462
+ → Assessment: FULL capability indicator
463
+
464
+ ✅ "Versioning"
465
+ → Addresses sub-element for point-in-time recovery
466
+ → Evidence: Technical capability mentioned
467
+ → Assessment: FULL capability support
468
+
469
+ ✅ "Encryption"
470
+ → Addresses sub-element for data protection
471
+ → Evidence: Security capability present
472
+ → Assessment: FULL capability component
473
+
474
+ ✅ "Cloud replication"
475
+ → Addresses sub-element for off-site storage
476
+ → Evidence: Geographic separation capability
477
+ → Assessment: FULL capability element
478
+
479
+ ✅ "Recovery testing"
480
+ → Directly addresses core requirement for verification
481
+ → Evidence: Testing capability explicitly mentioned
482
+ → Assessment: VALIDATES capability (provides evidence)
483
+
484
+ ✅ "Compliance reporting"
485
+ → Addresses governance element for audit
486
+ → Evidence: Governance capability present
487
+ → Assessment: GOVERNANCE + VALIDATES capability
488
+
489
+ STEP 3: CAPABILITY ROLE DETERMINATION
490
+
491
+ Primary Analysis Questions:
492
+ 1. Does vendor directly implement the safeguard? → YES (automation, encryption, testing)
493
+ 2. Does vendor provide complete coverage? → YES (all core elements covered)
494
+ 3. Does vendor enhance governance? → YES (compliance reporting)
495
+ 4. Does vendor provide validation? → YES (testing and reporting)
496
+
497
+ STEP 4: CONFIDENCE ASSESSMENT
498
+
499
+ Evidence Quality Evaluation:
500
+ - Specificity: HIGH (technical details provided)
501
+ - Coverage: COMPREHENSIVE (all elements addressed)
502
+ - Implementation Language: STRONG (direct capability claims)
503
+ - Technical Depth: GOOD (encryption, automation, testing mentioned)
504
+
505
+ Confidence Factors:
506
+ + Comprehensive coverage of requirements ✅
507
+ + Strong technical implementation language ✅
508
+ + Explicit testing and validation capabilities ✅
509
+ + Governance and compliance features ✅
510
+ - Could use more detail on RTO/RPO objectives ⚠️
511
+
512
+ FINAL ASSESSMENT:
513
+
514
+ CAPABILITY ROLES: FULL + GOVERNANCE + VALIDATES
515
+ CONFIDENCE: 87%
516
+
517
+ REASONING:
518
+ Acronis demonstrates strong alignment with all core requirements and sub-elements of safeguard 11.1. The solution provides direct implementation (FULL), governance capabilities through compliance reporting (GOVERNANCE), and validation through recovery testing and reporting (VALIDATES).
519
+
520
+ LEARNING TAKEAWAY:
521
+ Effective vendor assessment requires:
522
+ 1. Understanding each safeguard element
523
+ 2. Mapping vendor capabilities to specific requirements
524
+ 3. Evaluating evidence quality and specificity
525
+ 4. Considering governance and validation aspects
526
+ 5. Assigning confidence based on evidence strength
527
+ ```
528
+
529
+ ## 🔧 Implementation Best Practices
530
+
531
+ ### Pattern Selection Guidelines
532
+
533
+ 1. **Basic Assessment**: Single vendor, single safeguard
534
+ 2. **Comparative Analysis**: Multiple vendors, single safeguard
535
+ 3. **Compliance Focus**: Single vendor, regulatory requirements
536
+ 4. **Risk-Based**: Single vendor, threat landscape consideration
537
+ 5. **Integration Assessment**: Single vendor, technology stack fit
538
+ 6. **Gap Analysis**: Current state vs multiple safeguards
539
+ 7. **Custom Methodology**: Specialized assessment criteria
540
+ 8. **Educational**: Learning-focused detailed analysis
541
+
542
+ ### Optimization Tips
543
+
544
+ - **Be Specific**: Include organizational context, risk profile, and technical environment
545
+ - **Request Structure**: Ask for confidence scores, reasoning, and recommendations
546
+ - **Compare Options**: Use comparative analysis for vendor selection decisions
547
+ - **Consider Integration**: Factor in existing technology stacks and processes
548
+ - **Plan Implementation**: Request timelines, costs, and success metrics
549
+ - **Learn Continuously**: Use educational patterns to build assessment expertise
550
+
551
+ ---
552
+
553
+ **The Pure Data Provider architecture enables unlimited analysis creativity - these patterns are just the beginning of what's possible with authoritative CIS data and LLM intelligence.**
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "framework-mcp",
3
- "version": "1.3.7",
4
- "description": "Dual-architecture server (MCP + HTTP API) for determining vendor tool capability roles against CIS Controls Framework. Supports Microsoft Copilot custom connectors and DigitalOcean App Services deployment.",
3
+ "version": "1.4.0",
4
+ "description": "Pure Data Provider architecture serving authentic CIS Controls Framework data via MCP and HTTP API. Empowers LLMs with authoritative safeguards data for analysis. Supports Microsoft Copilot custom connectors and DigitalOcean App Services deployment.",
5
5
  "main": "dist/interfaces/http/http-server.js",
6
6
  "type": "module",
7
7
  "scripts": {
@@ -115,14 +115,14 @@ VERSION_ISSUES=()
115
115
 
116
116
  for file in "${VERSION_FILES[@]}"; do
117
117
  if [ -f "$file" ]; then
118
- if ! grep -q "1.3.7" "$file"; then
118
+ if ! grep -q "1.4.0" "$file"; then
119
119
  VERSION_ISSUES+=("$file")
120
120
  fi
121
121
  fi
122
122
  done
123
123
 
124
124
  if [ ${#VERSION_ISSUES[@]} -eq 0 ]; then
125
- echo "✅ Version 1.3.7 consistent across all files"
125
+ echo "✅ Version 1.4.0 consistent across all files"
126
126
  else
127
127
  echo "❌ Version inconsistency in: ${VERSION_ISSUES[*]}"
128
128
  fi
@@ -144,7 +144,7 @@ echo "✅ HTTP Server: Working"
144
144
  echo "✅ All 4 API Endpoints: Functional"
145
145
  echo "✅ 153 CIS Safeguards: Available"
146
146
  echo "✅ Documentation: Consistent"
147
- echo "✅ Version 1.3.7: Aligned"
147
+ echo "✅ Version 1.4.0: Aligned"
148
148
  echo "✅ Architecture: Clean (4 tools)"
149
149
  echo
150
- echo "🎉 Framework MCP v1.3.7 Ready for Release!"
150
+ echo "🎉 Framework MCP v1.4.0 Ready for Release!"
package/src/index.ts CHANGED
@@ -11,8 +11,7 @@ if (import.meta.url === `file://${process.argv[1]}`) {
11
11
 
12
12
  export { FrameworkMcpServer } from './interfaces/mcp/mcp-server.js';
13
13
  export { FrameworkHttpServer } from './interfaces/http/http-server.js';
14
- export { CapabilityAnalyzer } from './core/capability-analyzer.js';
15
14
  export { SafeguardManager } from './core/safeguard-manager.js';
16
15
 
17
- // Clean architecture - all safeguards data moved to SafeguardManager
16
+ // Pure Data Provider architecture - authentic CIS Controls data via SafeguardManager
18
17