// MCP TOOL REFERENCE
Medium Risk

d3fend_defense_for_attack

Reverse lookup: given an ATT&CK T-code, return D3FEND defenses that mitigate it. This is the bridge from offensive intelligence (ATT&CK / ATLAS / CVE) to defensive playbook. Pair with cve_lookup or atlas_technique_lookup output — when those carry an ATT&CK id, call this tool to surface the mitiga...

Part of the ContrastAPI server.

d3fend_defense_for_attack can modify ContrastAPI data, with no limits today. PolicyLayer puts allow, deny, and rate-limit rules on every call. Live in minutes.

SECURE CONTRASTAPI →

Free to start. No card required.

WHEN AGENTS USE THIS TOOL

AI agents use d3fend_defense_for_attack to create or modify resources in ContrastAPI. Write operations carry medium risk because an autonomous agent could trigger bulk unintended modifications. Rate limits prevent a single agent session from making hundreds of changes in rapid succession. Argument validation ensures the agent passes expected values.

Without a policy, an AI agent could call d3fend_defense_for_attack repeatedly, creating or modifying resources faster than any human could review. PolicyLayer's rate limiting ensures write operations happen at a controlled pace, and argument validation catches malformed or unexpected inputs before they reach ContrastAPI.

RECOMMENDED POLICY

Write tools can modify data. A rate limit prevents runaway bulk operations from AI agents.

policy.json 
{
  "version": "1",
  "default": "deny",
  "tools": {
    "d3fend_defense_for_attack": {
      "limits": [
        {
          "counter": "d3fend_defense_for_attack_rate",
          "window": "minute",
          "max": 30,
          "scope": "grant"
        }
      ]
    }
  }
}

See the full ContrastAPI policy for all 53 tools.

Get this rule live on your own ContrastAPI server in minutes. PolicyLayer enforces it on every call, before it runs.

ENFORCE ON MY CONTRASTAPI →

MORE CONTRASTAPI TOOLS

Execute brand_assets Execute redirect_chain Write kev_detail Write seo_audit Read asn_lookup Read atlas_case_study_lookup Read atlas_case_study_search Read atlas_technique_lookup

View all 53 tools →

WHAT CAN GO WRONG

These attack patterns abuse exactly the kind of access d3fend_defense_for_attack gives an agent. Each links to the full case and the policy that stops it:

Browse the full MCP Attack Database →

Every attack above starts with a tool call. PolicyLayer checks each one against your policy first, so d3fend_defense_for_attack only ever does what you allow.

SECURE CONTRASTAPI →

OTHER WRITE TOOLS

Other write tools across the catalogue. The same approach applies to each: rate-limit and validate the arguments.

Firecrawl Web Scraping Server firecrawl_generate_llmstxt AbraFlexi contact_create AbraFlexi contact_update AbraFlexi evidence_create AbraFlexi evidence_update AbraFlexi invoice_issued_update

RELATED READING

FAQ

What does the d3fend_defense_for_attack tool do? +

Reverse lookup: given an ATT&CK T-code, return D3FEND defenses that mitigate it. This is the bridge from offensive intelligence (ATT&CK / ATLAS / CVE) to defensive playbook. Pair with cve_lookup or atlas_technique_lookup output — when those carry an ATT&CK id, call this tool to surface the mitigations. defenses is capped at limit (default 30) for token efficiency; total is the honest pre-truncation count and truncated=true flags when the cap was hit. coverage_by_tactic always aggregates the FULL set, not the slice. Default response is SLIM (drops uri from each row); pass include='full' for the verbose record. Pass exclude_id when drilling from d3fend_defense_lookup to skip self in the 'see also' list. Returns 200 with empty defenses list when the T-code has no D3FEND mapping (the gap is itself a signal). Free: 30/hr, Pro: 500/hr. Returns {attack_technique_id, total, truncated, defenses [{defense_id, label, uri (only when include=full), parent_label, tactic, artifact, attack_label, attack_tactic}], coverage_by_tactic, next_calls}.. It is categorised as a Write tool in the ContrastAPI MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.

How do I enforce a policy on d3fend_defense_for_attack? +

Register the ContrastAPI MCP server in PolicyLayer and add a rule for d3fend_defense_for_attack: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches ContrastAPI. Nothing to install.

What risk level is d3fend_defense_for_attack? +

d3fend_defense_for_attack is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.

Can I rate-limit d3fend_defense_for_attack? +

Yes. Add a rate_limit block to the d3fend_defense_for_attack rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block d3fend_defense_for_attack completely? +

Set action: deny in the PolicyLayer policy for d3fend_defense_for_attack. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides d3fend_defense_for_attack? +

d3fend_defense_for_attack is provided by the ContrastAPI MCP server (https://api.contrastcyber.com/mcp/). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every ContrastAPI tool call.

Deterministic rules across all 53 ContrastAPI tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

SECURE CONTRASTAPI →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.