MCP Spotlight: WhisperGraph — 46 Billion Nodes of Internet Intelligence, Queryable by Your Agent
Server: WhisperGraph by whisper-sec
Stars: 376 · License: Apache 2.0 · Language: TypeScript
MCP Transport: stdio + Streamable HTTP + hosted remote (mcp.whisper.security)
Graph scale: 46B nodes/edges, 20 entity types, ~40 threat feeds · Last updated: May 17, 2026
What It Does
Internet infrastructure data is scattered across a dozen services. DNS records sit in one place, BGP routing history in another, WHOIS registrations in a third, and threat intelligence feeds in a fourth. To answer a single question — "is this domain malicious?" — an analyst chains together six different queries across four different tools.
WhisperGraph unifies all of it into a single Cypher-queryable graph database: 46 billion nodes and edges mapping every domain, IP, ASN, prefix, organization, web link, and threat-intelligence listing into one connected model. DNS resolution, BGP origin history, WHOIS contacts, SPF chains, and ~40 threat feeds across 18 categories — all reachable through the same MCP server.
And it's built for agents from day one. Signup is two HTTP calls — no browser, no CAPTCHA. An AI agent can provision its own API key programmatically in ~5 seconds.
Why It Matters for Agent Engineering
Security operations is one of the most natural domains for AI agents — and one where tool fragmentation causes the most friction. The typical investigation workflow looks like this:
- Check DNS records → dig or a DNS API
- Look up BGP origin → BGP.tools or RIPEstat API
- Pull WHOIS registrant → a WHOIS API
- Check threat feeds → VirusTotal, AbuseIPDB, etc.
- Trace related infrastructure → repeat steps 1–4 for every related domain/IP
Each step involves a different tool, a different API key, a different response format. The agent spends most of its time on orchestration, not investigation.
WhisperGraph collapses this into a single step:
MATCH (d:Domain {name:'suspicious.example.com'})-[:RESOLVES_TO]->(ip:IP)-[:HOSTED_BY]->(asn:ASN)
MATCH (ip)-[:LISTED_ON]->(ti:ThreatIntel)
RETURN d, ip, asn, ti
One Cypher query. DNS, BGP, and threat intel in a single response. The agent can follow relationships across entity types without changing tools, API endpoints, or response parsers.
The MCP Tool Surface
WhisperGraph exposes six read-only tools, designed for the investigation workflow:
| Tool | Purpose |
|---|---|
| query | Execute Cypher queries against the 46B-node graph |
| list_labels | List all 20 node labels with counts — anchors your query |
| describe_label | Confirm a label exists and enumerate its property keys |
| explain_indicator | Threat assessment for IP, hostname, CIDR, or ASN — score, level, factors |
| whisper_history | Historical WHOIS or BGP data for an indicator |
| domain_variants | Typosquatting and brand-protection variants, checked against the graph |
All queries go through a safety rule set before reaching the backend. The MCP server validates Cypher syntax and rejects destructive operations at the protocol level — your agent can't accidentally DELETE from the graph.
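A client-side counterpart to that rule set, as an added example (not WhisperGraph's code): a pre-flight check the agent host can run on generated Cypher before it calls the query tool. The clause list and function names are assumptions, since the server's actual rules are not given on this page; the check errs toward rejecting.

```typescript
// Added example: client-side read-only gate for agent-generated Cypher.
// The clause list is an assumption, not WhisperGraph's actual rule set.
const WRITE_CLAUSES: string[] = [
  "CREATE", "MERGE", "DELETE", "DETACH", "SET", "REMOVE", "DROP", "FOREACH", "LOAD",
];

// Blank out string literals, backtick identifiers and comments so keywords
// inside data (e.g. the domain 'set.example.com') are not mistaken for clauses.
// Returns null when a literal or block comment is unterminated (fail closed).
function stripLiterals(q: string): string | null {
  let out = "";
  let i = 0;
  while (i < q.length) {
    const c = q.charAt(i);
    if (c === "'" || c === '"' || c === "`") {
      i++;
      while (i < q.length && q.charAt(i) !== c) i += q.charAt(i) === "\\" ? 2 : 1;
      if (i >= q.length) return null;
      i++;
      out += " ";
    } else if (c === "/" && q.charAt(i + 1) === "/") {
      while (i < q.length && q.charAt(i) !== "\n") i++;
    } else if (c === "/" && q.charAt(i + 1) === "*") {
      const end = q.indexOf("*/", i + 2);
      if (end < 0) return null;
      i = end + 2;
      out += " ";
    } else {
      out += c;
      i++;
    }
  }
  return out;
}

// Returns the write clauses found; an empty array means the query is read-only.
function findWriteClauses(query: string): string[] {
  const bare = stripLiterals(query);
  if (bare === null) return ["UNTERMINATED_LITERAL"];
  const found: string[] = [];
  for (let k = 0; k < WRITE_CLAUSES.length; k++) {
    // A keyword preceded by '.' or ':' is a property or label, not a clause.
    const re = new RegExp("(^|[^.:\\w])" + WRITE_CLAUSES[k] + "\\b", "i");
    if (re.test(bare)) found.push(WRITE_CLAUSES[k]);
  }
  return found;
}
```

Treat a non-empty result as a hard stop and log the rejected query; the server-side rule set remains the authoritative control.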
Eight Investigation Prompts, Built In
One of WhisperGraph's smartest design choices: it ships with eight MCP prompt templates that give the LLM a structured starting point for common investigations:
| Prompt | What It Guides the Agent To Do |
|---|---|
| investigate-ip | Full threat assessment: DNS, BGP, WHOIS, threat feeds |
| map-attack-surface | Enumerate all domains, IPs, and ASNs for an organization |
| compare-domains | Side-by-side comparison of two domains' infrastructure |
| blast-radius | Trace all infrastructure connected to a compromised indicator |
| threat-triage | Quick scoring and prioritization of a list of indicators |
| whois-pivot | Find all domains registered by the same entity |
| bgp-investigation | Route hijacking and MOAS conflict analysis |
| typosquat-sweep | Discover registered lookalike domains targeting a brand |
These aren't just documentation — they're executable workflows the agent can invoke directly. An incident responder can say "do a blast radius analysis on this IP" and the agent follows the structured investigation template without needing step-by-step instruction.
Agent-First Design
WhisperGraph made a deliberate architectural choice that sets it apart from most API-based MCP servers: programmatic agent signup.
Most SaaS APIs require a human to visit a website, fill out a form, solve a CAPTCHA, and copy an API key. WhisperGraph's signup is two API calls:
POST https://console.whisper.security/api/signup
Content-Type: application/json
{"email":"your-agent@example.com","attribution":{"agent_name":"my-agent","source":"facio"}}
Whisper emails a verification code. The agent retrieves it and calls:
POST https://console.whisper.security/api/signup/verify
{"signup_id":"...","code":"..."}
The response contains api_key, mcp_url, dashboard_url, and docs_url. Working API key in ~5 seconds, entirely automated. This is how all SaaS APIs should work for agent workflows — and almost none of them do.
Connecting WhisperGraph to Facio
Step 1: Agent Signup (Programmatic)
Your Facio agent can provision its own WhisperGraph API key. The two-call signup flow means no manual browser steps — the agent registers, verifies email, and receives credentials autonomously.
Step 2: Use the Hosted Remote Server
No installation needed. Whisper runs a hosted MCP server at https://mcp.whisper.security:
{
  "mcpServers": {
    "whisper": {
      "url": "https://mcp.whisper.security",
      "headers": {
        "Authorization": "Bearer ${credentials.WHISPERGRAPH_API_KEY}"
      }
    }
  }
}
Step 3: Or Self-Host the MCP Layer
For teams that want the MCP server in their own environment:
docker run -p 8080:8080 -e MCP_TRANSPORT=http \
-e WHISPER_API_KEY=${credentials.WHISPERGRAPH_API_KEY} \
ghcr.io/whisper-sec/whisper-graph-mcp:latest
The self-hosted Docker container relays queries to the WhisperGraph API — your API key stays in your environment, and you control the network path.
Production Patterns
Automated Threat Triage
With WhisperGraph connected to Facio, a security agent can run autonomous triage on alert feeds:
Agent workflow (triggered by SIEM alert):
1. Extract IP addresses and domains from alert payload
2. For each indicator: whisper.explain_indicator → threat score + factors
3. For high-severity indicators: whisper.query to trace blast radius
4. Aggregate into a triage report with prioritized response actions
5. Route high-risk findings through Facio's HITL approval for escalation
The agent handles the repetitive triage work — checking 40 threat feeds, tracing infrastructure connections, scoring indicators. Human analysts review only the high-severity cases that need decision-making.
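Step 1 of this workflow handles attacker-influenced text, so indicators need strict validation before they are placed in a Cypher string. The following is an added example, not code from WhisperGraph or Facio: it extracts and validates indicators from a constructed alert, then fills the single-domain query shown earlier on this page. Function names are hypothetical, and lower-casing names is an assumption about how the graph stores them.

```typescript
// Added example; function names are hypothetical and the alert is constructed.
interface Indicator { kind: "ip" | "domain"; value: string; }
function isIPv4(s: string): boolean {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(s);
  if (!m) return false;
  for (let i = 1; i <= 4; i++) if (Number(m[i]) > 255) return false;
  return true;
}

// Strict LDH hostname check: quotes, spaces and backslashes cannot pass it.
function isDomain(s: string): boolean {
  const labels = s.split(".");
  const tld = labels[labels.length - 1];
  if (s.length > 253 || labels.length < 2 || !/[a-z]/.test(tld)) return false;
  for (let i = 0; i < labels.length; i++) {
    if (!/^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$/.test(labels[i])) return false;
  }
  return true;
}

// Workflow step 1: pull candidate indicators out of untrusted alert text.
function extractIndicators(alertText: string): Indicator[] {
  // Undo common defanging (hxxp://, [.]) before matching.
  const text = alertText.toLowerCase().replace(/\[\.\]/g, ".").replace(/hxxp/g, "http");
  const tokens: string[] = text.match(/[a-z0-9][a-z0-9.-]*\.[a-z0-9-]+/g) || [];
  const seen: string[] = [];
  const out: Indicator[] = [];
  for (let i = 0; i < tokens.length; i++) {
    const v = tokens[i];
    if (seen.indexOf(v) >= 0) continue;
    seen.push(v);
    // Tokens that are neither a valid IPv4 nor a valid hostname are dropped.
    if (isIPv4(v)) out.push({ kind: "ip", value: v });
    else if (isDomain(v)) out.push({ kind: "domain", value: v });
  }
  return out;
}

// Only a value that passed isDomain() is placed between the quotes.
function buildDomainQuery(domain: string): string {
  const d = domain.toLowerCase(); // assumes the graph stores lower-case names
  if (!isDomain(d)) throw new Error("not a valid hostname: query not built");
  return "MATCH (d:Domain {name:'" + d + "'})-[:RESOLVES_TO]->(ip:IP)-[:HOSTED_BY]->(asn:ASN)\n" +
    "MATCH (ip)-[:LISTED_ON]->(ti:ThreatIntel)\nRETURN d, ip, asn, ti";
}

const SAMPLE_ALERT: string = // constructed: defanged URL, injected host field, bad IP
  "src=198.51.100.7 dst=203.0.113.42 url=hxxp://login.example[.]com/reset " +
  "host=\"x.example'}) DETACH DELETE d //\" bad=999.1.1.1";
```

On the sample alert, the host field yields only `x.example`: the quote and everything after it never reach a query, and `999.1.1.1` is discarded rather than passed to a tool.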
Brand Protection Monitoring
The domain_variants tool enables autonomous typosquatting detection:
- Agent maintains a list of monitored domains (your brands, your clients)
- Cron-triggered: whisper.domain_variants for each domain
- Cross-reference results against the graph to check if variants are registered and hosted
- Alert on new registrations that match known malicious infrastructure patterns
- Generate takedown recommendations with evidence
All automated. The agent doesn't just detect — it traces the infrastructure to build a complete picture for takedown requests.
Incident Response Blast Radius
When a compromise is confirmed, the first question is always: "what else is affected?"
MATCH (compromised:IP {address:'203.0.113.42'})-[:HOSTED_BY]->(asn:ASN)
MATCH (asn)<-[:HOSTED_BY]-(sibling:IP)-[:RESOLVES_TO]-(domain:Domain)
MATCH (sibling)-[:LISTED_ON]->(ti:ThreatIntel)
RETURN domain.name, sibling.address, ti.feed, ti.category
One query traces from a compromised IP to its ASN, finds all sibling IPs in the same ASN, resolves their domains, and checks threat intelligence listings. What would take a human analyst 30 minutes of tab-switching takes the agent 30 seconds.
Data Breadth
WhisperGraph's 46 billion nodes cover a remarkable range:
| Category | Coverage |
|---|---|
| DNS | Resolution, nameservers, MX, SPF chains, DNSSEC |
| BGP | ASN ownership, origin history, MOAS conflicts, peering |
| WHOIS | Registrars, contacts, organization mapping, history |
| Threat Intel | ~40 feeds across 18 categories |
| Web Graph | 10.9 billion hyperlinks for inter-domain analysis |
| Hosting | Provider identification, infrastructure mapping |
The explain_indicator tool also supports CALL explain() for full threat scoring — breaking down which feeds contributed to a score and why. This transparency is critical for HITL workflows where a human needs to understand the reasoning before acting.
Comparison: WhisperGraph vs. Traditional Threat Intel Pipelines
| Capability | WhisperGraph MCP | Traditional Stack |
|---|---|---|
| Single query interface | ✓ Cypher | — 4+ APIs |
| Cross-entity traversal | ✓ Native graph | — Manual JOINs |
| Programmatic agent signup | ✓ 2 HTTP calls | — Browser + CAPTCHA |
| Built-in investigation templates | ✓ 8 prompts | — Custom playbooks |
| Threat scoring transparency | ✓ CALL explain() | — Black-box scores |
| Self-hosted option | ✓ Docker | — Per-tool deployment |
| Query safety validation | ✓ Rule-based | — API-level only |
For security teams building agent-powered workflows, the single-interface model eliminates the orchestration layer that would otherwise dominate development time.
Key Takeaways
- 46 billion nodes, one endpoint: DNS, BGP, WHOIS, and threat intelligence unified in a Cypher-queryable graph
- Agent-first signup: Programmatic API key provisioning in 2 HTTP calls — no browser, no CAPTCHA, no waiting
- Six read-only tools: Query, schema exploration, threat assessment, history, and domain variant detection
- Eight investigation prompts: Structured workflows for common security tasks — blast-radius, threat-triage, typosquat-sweep, and more
- Hosted or self-hosted: Use mcp.whisper.security for zero-install, or Docker for on-premises deployments
- Query safety: All Cypher validated against a safety rule set — destructive operations rejected at the protocol level
- Transparent threat scoring: CALL explain() shows exactly which feeds and factors contribute to a threat assessment
- 36B reasons this matters: The graph grows continuously. Your agent always queries the latest internet infrastructure data — no stale snapshots
WhisperGraph: whisper.security · GitHub: github.com/whisper-sec/whisper-graph-mcp · Agent Signup: whisper.security/docs/agent-signup · Cypher Reference: whisper.security/docs/cypher-api-reference · Glama: glama.ai/mcp/servers/whisper-sec/whispergraph · Facio MCP docs: facio.bot/docs/mcp