What it looks like
A simulated session. The tool names and the shape of every response are the real Siemserva MCP tools, exactly as Claude sees them.
## Machines Missing: KB5087539 **23 device(s) affected:** | Device | OS | Last Seen | Exposure | Provider | |---------------|-------------------|------------|----------|--------------| | DESKTOP-7F2K1 | Windows 11 25H2 | 2026-07-04 | High | Defender TVM | | LAPTOP-QA-04 | Windows 11 25H2 | 2026-07-03 | Medium | Defender TVM | | SRV-FIN-02 | Windows Server | 2026-07-04 | High | Defender TVM | | ... 20 more | | | | |
## Patch Action Plan **Overall Risk: CRITICAL** | Providers: Defender TVM + CISA KEV + EPSS **41 missing patches** across **37 devices** **Key findings:** - 3 patch(es) contain CVEs in the CISA KEV catalog: confirmed actively exploited in the wild. - 1 patch(es) are linked to known ransomware campaigns. - 2 patch(es) have EPSS >= 70%: near-certain exploitation probability within 30 days. ### Act Within 24 Hours Confirmed exploitation in the wild or near-certain breach probability. Do not wait for a change window. 1. KB5087539 (23 devices, KEV, EPSS 72%) 2. KB5087423 (4 devices, KEV) ...
Third-party tooling these AI interactions read: patch state from Microsoft Defender for Endpoint and Azure Update Manager today, with more sources on the way. Apps published to Intune by PatchMyPC, Scappman, Robopack, or any Win32 vendor are read vendor-neutrally. Deploying stays in the tools you already run.
AI patch management questions, answered
Anything the scan knows: which machines are missing a specific KB, which devices are exposed to a CVE, what to deploy first this week, which devices carry the most risk. The MCP tools behind those questions are the real Siemserva tools, including GetMachinesMissingPatch, GetDevicesVulnerableToCve, and GetActionPlan.
From your scan database and live provider APIs (Microsoft Defender for Endpoint, Azure Update Manager), never from the model's memory. Every number in an answer traces to a tool result, which is what makes the output defensible.
No. The AI interactions read and rank. Deploying updates stays in the tools you already run: Intune, Windows Autopatch, or your RMM. Configuration remediation elsewhere in Senserva is approve-before-apply and separate from patching.
Claude is the first-class integration through MCP, and the same MCP server works with any MCP-capable client. Senserva also generates AI-enhanced reports without any interactive session, using the same validated scan data.