Thoropass Launches MCP Server to Further Streamline AI-native Audit Capabilities

Enables customers to connect their AI agents with the Thoropass Audit Lifecycle Platform

NEW YORK, July 9, 2026: Thoropass, the AI-native end-to-end cybersecurity auditor, today announced the launch of its MCP (Model Context Protocol) server, enabling customers to seamlessly connect their organizations’ AI agents directly with Thoropass’ Audit Lifecycle Platform. The MCP allows AI agents to securely interact with Thoropass audit data and evidence workflows, empowering customers to reduce manual work across the compliance audit lifecycle.

The Thoropass MCP server offers a standardized approach to connecting AI agents with Thoropass’s proprietary Audit Lifecycle Platform, and enables organizations' security compliance and engineering teams to reduce the manual effort required to complete SOC 2 and other compliance audits. Giving customers’ AI agents access to relevant Thoropass context, including audit scope, evidence request details, and API documentation, redefines how customers and their AI tools interact with their auditors. It solves the last-mile challenge in IT audits, allowing customers to connect systems of record, retrieve supporting documentation, and move evidence through the Thoropass platform in an AI-native fashion.

The MCP significantly reduces recurring evidence collection work by enabling agents to assist with known evidence gathering, validation, submission, and error handling. The capability extends Thoropass’ Audit Lifecycle Platform with more AI-native workflows for evidence collection and submission, helping teams streamline audit cycles while maintaining human oversight, audit traceability, and control.

“AI agents are changing how technical teams interact with their business systems, and compliance should not be left behind,” said Sam Li, CEO of Thoropass. “Our customers want to use AI in practical ways that reduce audit friction without losing control of the process. By developing an MCP for Thoropass, the first of its kind in the industry, we are giving customers a secure path to bring agentic workflows into the audit lifecycle while keeping Thoropass as the system of record.

“Compliance automation has already helped teams move away from spreadsheet-driven audits and manual evidence tracking. The next step is enabling AI agents to work with the structured audit context inside Thoropass. Our MCP server is being built to help customers use their AI tools to act on that context in a secure, controlled, and useful way,” continued Li.

Thoropass customers who would like to connect to the MCP can contact their customer success manager for more information. 

About Thoropass

Thoropass is the only end-to-end cybersecurity auditor. Our Audit Lifecycle Platform combines continuous, AI-powered evidence collection with the industry’s most advanced suite of AI agents and a highly experienced team of auditors to deliver comprehensive, trusted security audits.

Thoropass offers the most flexible and scalable solution for organizations to ensure compliance with more than 30 frameworks, including SOC 2, PCI, and HITRUST. The Thoropass Audit Lifecycle Platform works seamlessly with any GRC platform and systems of record, ensuring organizations have absolute confidence in their audit–regardless of which software they use across the organization.

Visit thoropass.com for more information.