DORA Article 26 Threat-Led Penetration Testing planner — TIBER-EU pathway scoping, white-team RACI, threat-intel templates, HMAC-signed compliance attestations. By MEOK AI Labs.
Project description
meok-dora-tlpt-planner-mcp
DORA Article 26 Threat-Led Penetration Testing (TLPT) planner — TIBER-EU pathway scoping, white-team RACI, threat-intel briefing templates, and HMAC-signed compliance attestations.
By MEOK AI Labs · MIT licensed · runs as an MCP server inside Claude Code, Cursor, Cline, Windsurf, etc.
Why this exists
DORA Reg (EU) 2022/2554 Articles 26-27 require significant/systemic financial entities to conduct Threat-Led Penetration Testing (TLPT) every three years using accredited red-team providers and following the TIBER-EU framework.
Today, TLPT engagements cost €250-500K minimum (€30-80K threat-intel report + €100-500K red-team + €100-500K remediation reserve). Sub-significant institutions wanting to look ready for a regulator visit have no entry-level path.
This MCP gives you the scoping + planning layer for free, MIT-licensed, callable from any AI agent, with HMAC-signed attestations the regulator can verify cryptographically.
It does not replace an accredited red-team provider. It compresses the planning + RACI + remediation tracking phases that today eat 30-40% of TLPT consulting fees.
Tools
| Tool | Use |
|---|---|
scope_tlpt |
Generate a DORA Art. 26 scope document with phase plan, RACI, RT-provider requirements, budget tiering |
threat_intel_brief |
Produce a TIBER-EU v2.0-compliant TTI brief template to commission accredited threat-intel providers |
remediation_milestones |
90/180/365-day remediation plan with severity-mapped closure timelines (Art. 26(7)) |
signed_tlpt_attestation |
HMAC-sign your TLPT attestation via meok-attestation-api; produces verification URL |
list_phases |
List the 3 TIBER-EU phases (preparation/testing/closure) with deliverables |
pricing |
Pricing tiers (free / £79 Pro / £1,499 Enterprise / from £5K bespoke) |
Install
pip install meok-dora-tlpt-planner-mcp
Then add to your Claude Code / Cursor / Cline MCP config:
{
"mcpServers": {
"meok-dora-tlpt-planner": {
"command": "python",
"args": ["-m", "meok_dora_tlpt_planner"]
}
}
}
Example use
Inside Claude Code:
"Scope a DORA TLPT for Acme Bank N.V., a credit institution operating in DE, NL, IE. Critical functions: retail-payments, core-banking, customer-onboarding. Last TLPT was 2023-06-15. Annual budget estimate €750K."
Claude calls scope_tlpt(...), returns a structured scope doc with phase plan, RACI, RT-provider requirements, and budget tiering. You review, correct, sign with signed_tlpt_attestation(), hand to your white-team-lead.
"Generate the 90/180/365 remediation milestone plan for 47 findings: 3 critical, 11 high, 23 medium, 10 low."
Claude returns a structured milestone plan with severity-mapped closure timelines per DORA Art. 26(7).
Compliance posture
- DORA Reg (EU) 2022/2554 Art. 26-27 (TLPT)
- DORA RTS on TLPT (per Art. 26(11) — final RTS adopted 2024)
- TIBER-EU framework v2.0 (ECB, August 2023 update)
- MITRE ATT&CK Enterprise + ICS (for TTP mapping in TTI briefs)
- ICD-203 standard for attribution confidence statements
Pricing
- Free — full toolset, public attestation API (shared HMAC issuer)
- £79/mo Pro — your own HMAC signing key + custom verify domain
- £1,499/mo Enterprise — multi-BU separation for group-level coordination + SLA
- from £5,000 bespoke — self-hosted attestation API + GRC integrations + on-site training
Buy: https://meok.ai/pricing · Contact: nicholas@csoai.org
Reseller / consultancy partnership
If you're a Big 4 / boutique consultancy running TLPT engagements, MEOK has a 70/30 reseller split for the Pro tier. White-label it for your clients. Email nicholas@csoai.org with subject "TLPT reseller inquiry".
License
MIT. © 2026 Nicholas Templeman / CSOAI LTD (UK Companies House 16939677).
See also
- meok-dora-compliance-mcp — broader DORA compliance toolkit (Art. 28 register, Art. 18 incident reporting)
- meok-attestation-api — public verifiable attestation infrastructure
- Full MEOK fleet
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file meok_dora_tlpt_planner_mcp-1.0.1.tar.gz.
File metadata
- Download URL: meok_dora_tlpt_planner_mcp-1.0.1.tar.gz
- Upload date:
- Size: 4.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.15
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
eec930b1bbde25052f1392242fe2568f4c9bc01b70f12db237e049e0fddabfb4
|
|
| MD5 |
00969607b673bdae7db230cf621d1ca1
|
|
| BLAKE2b-256 |
4f0b93a02aa6aa479ce3b5754856ef6c35524252e7d48bec18cf5556913cf546
|
File details
Details for the file meok_dora_tlpt_planner_mcp-1.0.1-py3-none-any.whl.
File metadata
- Download URL: meok_dora_tlpt_planner_mcp-1.0.1-py3-none-any.whl
- Upload date:
- Size: 4.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.15
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0a01254c1ba49efde14a7e844a6ab8741e5643e27c4bcc288ae1d966ea7d3a8d
|
|
| MD5 |
948abb759d1ab626f20d5de265b7039a
|
|
| BLAKE2b-256 |
c01931d40cc4e123b5846e9c5e0a35a2d81e391a06912bbe54a622c69e710f79
|
