Trending Actors
To monitor for trending actors, use the actors index page, with the 'sort' parameter set to one of the following:
A string used to filter threat actors. It can start with specific prefixes to indicate the type of filter:
name:: Filter by Name, case-insensitive.uuid:: Filter by UUID, case-insensitive.internal_name:: Filter by internal_name (exact match).desc:: Filter by description (searches both description and gen_description fields). If no prefix is provided, it defaults to filtering on the display_name or name fields. Examples:name:APTname:lazarus_groupinternal_name:m-threat-actor-happy-yellow-dog-a123lazarus_groupLazarus Group
The number of items to skip before starting to collect the result set.
0Field to sort by - either name, created_at, updated_at, enriched_at, trending_1d, trending_7d, or trending_30d
created_atPattern: ^(name|created_at|updated_at|enriched_at|trending_1d|trending_7d|trending_30d)$Sort order - either asc or desc
descPattern: ^(asc|desc)$The maximum number of items to return.
100Include entities that have been merged into other entities
falseWhen true, returns only threat actors that the tenant is following
falseFilter on the motivation field by exact match
Filter on the motivation field for items not equal to the given value
Filter on the motivation field for items that match any value in a comma-separated list
Filter on the motivation field for items that do not match any value in a comma-separated list
Filter on the motivation field for items that match a SQL LIKE pattern (use % as wildcard, case-sensitive)
Filter on the motivation field for items that match a SQL LIKE pattern (use % as wildcard, case-insensitive)
Filter on the sponsor field by exact match
Filter on the sponsor field for items not equal to the given value
Filter on the sponsor field for items that match any value in a comma-separated list
Filter on the sponsor field for items that do not match any value in a comma-separated list
Filter on the sponsor field for items that match a SQL LIKE pattern (use % as wildcard, case-sensitive)
Filter on the sponsor field for items that match a SQL LIKE pattern (use % as wildcard, case-insensitive)
Filter on the family_name field by exact match
Filter on the family_name field for items not equal to the given value
Filter on the family_name field for items that match any value in a comma-separated list
Filter on the family_name field for items that do not match any value in a comma-separated list
Filter on the family_name field for items that match a SQL LIKE pattern (use % as wildcard, case-sensitive)
Filter on the family_name field for items that match a SQL LIKE pattern (use % as wildcard, case-insensitive)
Filter on the created_at field by exact match
Filter on the created_at field for items not equal to the given value
Filter on the created_at field for items less than the given value
Filter on the created_at field for items less than or equal to the given value
Filter on the created_at field for items greater than the given value
Filter on the created_at field for items greater than or equal to the given value
Filter on the updated_at field by exact match
Filter on the updated_at field for items not equal to the given value
Filter on the updated_at field for items less than the given value
Filter on the updated_at field for items less than or equal to the given value
Filter on the updated_at field for items greater than the given value
Filter on the updated_at field for items greater than or equal to the given value
Successful Response
Not found
Validation Error
Last updated