API Reference
If you're looking to simply browse the API, you're in the right place, all supported endpoints can be found on this page.
Alternatively, if you have a specific use case in mind, please see the API Guides on the left hand side to see if one of the guides fits your needs.
This is an alphabetical listing of all supported endpoints. If you're looking for a specific endpoint, you can use the search bar to find
Retrieve a list of all source configurations.
Successful Response
Not found
GET /v1/sources HTTP/1.1
Host:
Accept: */*
{
"count": 1,
"sources": [
{
"slug": "text",
"description": "text",
"options": {
"reference_type": "text",
"content_label_hints": [
"text"
],
"reliability": 1,
"match_url_patterns": [
"text"
]
},
"content_label_hints": [
"text"
]
}
]
}A string used to filter references. Allowed filter terms:
source:: filter by source. (exact match - lowercase)domain:: filter by domain. (case insensitive substring filter)url:: filter by url. (case insensitive substring filter)final_url:: filter by final_url. (case insensitive substring)title:: filter the title for a string. (case insensitive substring filter)topic:: filter the topic for a string. (case insensitive substring filter)embedding:: filter by content chunk embedding (semantic search)last_http_status:: filter by last_http_status (exact match)type:: filter by type. (exact match - converted to uppercase)- If no prefix is provided, the filter will be conducted on the url.
- All filters can be combined with date range parameters for more precise results.
Field to sort by - either created_at, updated_at, published_at, first_collected_at, or last_collected_at
published_atPattern: ^(published_at|first_collected_at|last_collected_at|created_at|updated_at)$Sort order - either asc or desc
descPattern: ^(asc|desc)$The number of items to skip before starting to collect the result set.
0Whether to include user-generated content in the response.
falseThe maximum number of items to return.
100Filter references published after this date. Supports various formats including ISO 8601 (e.g., '2024-01-01T00:00:00Z'), date only (e.g., '2024-01-01'), and common formats (e.g., 'Jan 1, 2024', '1/1/2024')
Filter references published before this date. Supports various formats including ISO 8601 (e.g., '2024-12-31T23:59:59Z'), date only (e.g., '2024-12-31'), and common formats (e.g., 'Dec 31, 2024', '12/31/2024')
Filter references created after this date. Supports various formats including ISO 8601 (e.g., '2024-01-01T00:00:00Z'), date only (e.g., '2024-01-01'), and common formats (e.g., 'Jan 1, 2024', '1/1/2024')
Filter references created before this date. Supports various formats including ISO 8601 (e.g., '2024-12-31T23:59:59Z'), date only (e.g., '2024-12-31'), and common formats (e.g., 'Dec 31, 2024', '12/31/2024')
Successful Response
Not found
Validation Error
GET /v1/references HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"url": "text",
"url_hash": "text",
"type": "STRUCTURED",
"source": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"published_at": "2025-10-24T18:08:34.728Z",
"first_collected_at": "2025-10-24T18:08:34.728Z",
"last_collected_at": "2025-10-24T18:08:34.728Z",
"screenshotted_at": "2025-10-24T18:08:34.728Z",
"user_generated_content": true,
"synthetic": true,
"content_type": "text",
"topic": "text",
"authors": [
"text"
],
"content_chunk_uuids": [
"text"
],
"final_url": "text",
"last_http_status": 1,
"submitter": "text",
"screenshot_url": "text"
}
]
}Retrieve a reference by its identifier.
identifier: The unique hash of the URL or UUID to retrieve the reference for.
This endpoint returns the reference object associated with the given URL hash. If no reference is found, a 404 error is returned.
The unique hash of the URL or UUID to retrieve the reference for
Successful Response
Not found
Validation Error
GET /v1/references/{identifier} HTTP/1.1
Host:
Accept: */*
{
"uuid": "text",
"url": "text",
"url_hash": "text",
"type": "STRUCTURED",
"source": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"published_at": "2025-10-24T18:08:34.728Z",
"first_collected_at": "2025-10-24T18:08:34.728Z",
"last_collected_at": "2025-10-24T18:08:34.728Z",
"screenshotted_at": "2025-10-24T18:08:34.728Z",
"user_generated_content": true,
"synthetic": true,
"content_type": "text",
"topic": "text",
"authors": [
"text"
],
"content_chunk_uuids": [
"text"
],
"final_url": "text",
"last_http_status": 1,
"submitter": "text",
"screenshot_url": "text",
"content_chunks": [
{
"uuid": "text",
"hash": "text",
"content_type": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"analyzed_at": "2025-10-24T18:08:34.728Z",
"extracted_content": {
"content": "text",
"content_type": "text",
"collected_date": "2025-10-24T18:08:34.728Z",
"url_hash": "text",
"url": "text",
"source": "text",
"topic": "text",
"authors": [
"text"
],
"published_date_str": "text",
"published_date": "text",
"content_hash": "text"
},
"analysis_object": {
"version": "3.0.0",
"url_hash": "text",
"content_hash": "text",
"source": "text",
"complete": false,
"meta": {
"analysis_type": "text",
"version": 1,
"content_labels": [
"text"
],
"cyber_marketing_content": true,
"disparate_topics": true,
"cyber_intel_content": true
},
"triage": {
"analysis_type": "text",
"version": 1,
"detailed_ttps_discussed": true,
"ioc_mention": true,
"breach_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"campaign_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"agency_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"person_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"product_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"software_package_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"location_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"malware_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"organization_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"attack_pattern_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"defensive_pattern_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"threat_actor_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"vulnerability_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
]
},
"upstream": {
"analysis_type": "text",
"version": 1,
"upstream_source_urls": [
{
"url": "text",
"relation": "primary_source",
"evidence": {
"anchor_text": "text",
"quote": "text",
"char_start": 1,
"char_end": 1
}
}
]
},
"summary_and_fact_extraction": {
"version": 1,
"analysis_type": "text",
"synopsis": "text",
"facts": [
"text"
]
},
"product_advisory": {
"analysis_type": "text",
"version": 1,
"advisory_id": "text",
"cve_ids": [
"text"
],
"vendor": "text",
"advisory_version": "text",
"last_updated": "text",
"status": "text",
"summary": "text",
"impact": "text",
"mitigation": "text",
"remediation": "text",
"exploit_exists": true,
"exploited_in_the_wild": true,
"reporter": "text",
"references": [
"text"
],
"revisions": [
{
"version": "text",
"description": "text",
"section": "text",
"status": "text",
"date": "text"
}
],
"vulnerable_product_configurations": [
{
"product": "text",
"affected": "text",
"affected_versions": [
"text"
],
"fixed_versions": [
"text"
],
"associated_bug_ids": [
"text"
],
"cpe_ids": [
"text"
]
}
]
},
"focused_technology_products": {
"analysis_type": "text",
"version": 1,
"entries": [
{
"version": 1,
"vendor": "text",
"product": "text",
"versions": [
"text"
],
"context": "text",
"overview": "text"
}
]
},
"focused_threat_actors": {
"analysis_type": "text",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"aliases": [
"text"
],
"sub_groups": [
"text"
],
"context": "text",
"overview": "text",
"nation_state_sponsor": "text",
"source_geography": "text",
"targeted_industries": [
"text"
],
"targeted_geographies": [
"text"
],
"malware_used": [
"text"
],
"vulnerabilities_used": [
"text"
],
"techniques_used": [
"text"
]
}
]
},
"focused_vulnerabilities": {
"analysis_type": "focused_vulnerabilities",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"aliases": [
"text"
],
"context": "text",
"overview": "text",
"cve_id": "text",
"active_scanning": true,
"exploit_code_exists": true,
"exploited_in_the_wild": true,
"used_in_malware": true,
"used_in_ransomware": true,
"associated_malware": [
"text"
],
"associated_threat_actors": [
"text"
],
"associated_targeted_products": [
"text"
],
"patches_exist": true,
"mitigations_exist": true
}
]
},
"focused_malware": {
"analysis_type": "focused_malware",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"aliases": [
"text"
],
"categories": [
"text"
],
"context": "text",
"overview": "text",
"targeted_industries": [
"text"
],
"is_used_in_ransomware": true,
"associated_ransomware": [
"text"
],
"associated_threat_actors": [
"text"
],
"associated_vulnerabilities": [
"text"
],
"discovery_date": "text"
}
]
},
"focused_attack_patterns": {
"analysis_type": "focused_attack_patterns",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"mitre_attack_id": "text",
"context": "text",
"overview": "text"
}
]
},
"focused_breaches": {
"analysis_type": "focused_breaches",
"version": 2,
"entries": [
{
"version": 1,
"name": "text",
"context": "text",
"overview": "text",
"associated_threat_actors": [
"text"
],
"loss_types": [
"text"
],
"loss_description": "text",
"affected_primary_victim": "text",
"affected_downstream_victims": [
"text"
],
"date_occurred": "text",
"date_detected": "text",
"date_reported": "text",
"loss_amount": "text"
}
]
},
"focused_organizations": {
"analysis_type": "focused_organizations",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"aliases": [
"text"
],
"industry": "text",
"organization_type": "text",
"context": "text",
"overview": "text"
}
]
},
"focused_people": {
"analysis_type": "focused_people",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"aliases": [
"text"
],
"roles": [
"text"
],
"context": "text",
"overview": "text"
}
]
},
"focused_agency_announcements": {
"analysis_type": "focused_agency_announcements",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"aliases": [
"text"
],
"countries": [
"text"
],
"regulatory_domains": [
"text"
],
"context": "text",
"overview": "text",
"enforcement_actions": [
"text"
],
"regulatory_changes": [
"text"
],
"affected_industries": [
"text"
],
"compliance_requirements": [
"text"
],
"announcement_date": "text"
}
]
},
"focused_indicators": {
"analysis_type": "focused_indicators",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"type": "text",
"context": "text",
"confidence": "text",
"first_seen": "text",
"last_seen": "text",
"tags": [
"text"
],
"associated_malware": [
"text"
],
"associated_threat_actors": [
"text"
],
"associated_vulnerabilities": [
"text"
]
}
]
},
"focused_locations": {
"analysis_type": "focused_locations",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"aliases": [
"text"
],
"location_type": "text",
"context": "text",
"overview": "text",
"country_code": "text",
"region": "text",
"relevance_to_threat": "text",
"targeted_by_threat_actors": [
"text"
],
"targeted_industries": [
"text"
]
}
]
},
"focused_defensive_patterns": {
"analysis_type": "focused_defensive_patterns",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"control_type": "text",
"nist_framework_reference": "text",
"d3fend_id": "text",
"context": "text",
"overview": "text",
"implementation_details": "text",
"effectiveness_notes": "text"
}
]
},
"focused_campaigns": {
"analysis_type": "focused_campaigns",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"aliases": [
"text"
],
"campaign_type": "text",
"context": "text",
"overview": "text",
"attributed_threat_actors": [
"text"
],
"targeted_sectors": [
"text"
],
"targeted_countries": [
"text"
],
"attack_vectors": [
"text"
],
"malware_used": [
"text"
],
"vulnerabilities_exploited": [
"text"
],
"timeline": "text",
"objectives": [
"text"
],
"impact_description": "text"
}
]
},
"focused_software_packages": {
"analysis_type": "focused_software_packages",
"version": 1,
"entries": [
{
"version": 1,
"ecosystem": "text",
"maintainer": "text",
"name": "text",
"context": "text",
"associated_threat_actors": [
"text"
],
"associated_malware": [
"text"
],
"associated_vulnerabilities": [
"text"
],
"impact_assessment": "text",
"mitigation_advice": "text",
"affected_versions": [
"text"
],
"fixed_versions": [
"text"
]
}
]
},
"focused_analysis_enabled": false,
"focused_analysis_attempted": false,
"regex_ioc": {
"analysis_type": "regex_ioc",
"asns": [
"text"
],
"attack_mitigations": {
"ANY_ADDITIONAL_PROPERTY": [
"text"
]
},
"attack_tactics": {
"ANY_ADDITIONAL_PROPERTY": [
"text"
]
},
"attack_techniques": {
"ANY_ADDITIONAL_PROPERTY": [
"text"
]
},
"authentihashes": [
"text"
],
"bitcoin_addresses": [
"text"
],
"cves": [
"text"
],
"domains": [
"text"
],
"email_addresses": [
"text"
],
"email_addresses_complete": [
"text"
],
"file_paths": [
"text"
],
"google_adsense_publisher_ids": [
"text"
],
"google_analytics_tracker_ids": [
"text"
],
"imphashes": [
"text"
],
"ipv4_cidrs": [
"text"
],
"ipv4s": [
"text"
],
"ipv6s": [
"text"
],
"mac_addresses": [
"text"
],
"md5s": [
"text"
],
"monero_addresses": [
"text"
],
"registry_key_paths": [
"text"
],
"sha1s": [
"text"
],
"sha256s": [
"text"
],
"sha512s": [
"text"
],
"ssdeeps": [
"text"
],
"tlp_labels": [
"text"
],
"urls": [
"text"
],
"user_agents": [
"text"
],
"xmpp_addresses": [
"text"
]
},
"regex_entity": {
"analysis_type": "regex_entity",
"threat_actors": [
"text"
],
"threat_actor_patterns": [
"text"
]
}
}
}
]
}Retrieve threat actors associated with a reference.
identifier: The unique hash of the URL or UUID to retrieve the reference for.
The unique hash of the URL or UUID to retrieve the reference for
Successful Response
Not found
Validation Error
GET /v1/references/{identifier}/threat-actors HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"name": "text",
"description": "text",
"display_name": "text",
"misp_uuid": "text",
"provenance": "text",
"motivation": "text",
"sponsor": "text",
"family_name": "text",
"gen_description": "text"
}
]
}The unique hash of the URL or UUID to retrieve the reference for
Successful Response
Not found
Validation Error
GET /v1/references/{identifier}/threat-actor-mentions HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"published_at": "2025-10-24T18:08:34.728Z",
"overview": "text",
"context": "text",
"reference_uuid": "text",
"reference_url": "text",
"reference_source": "text",
"reference_topic": "text",
"reference_user_generated_content": true,
"threat_actor_uuid": "text",
"threat_actor_name": "text",
"threat_actor_display_name": "text"
}
]
}Retrieve vulnerabilities associated with a reference.
identifier: The unique hash of the URL or UUID to retrieve the reference for.
The unique hash of the URL or UUID to retrieve the reference for
Successful Response
Not found
Validation Error
GET /v1/references/{identifier}/vulnerabilities HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"cve_id": "text",
"state": "text",
"description": "text",
"cvss_base_score": 1,
"cvss_version": 1,
"cvss_vector": "text",
"cvss_source": "text",
"cvss_type": "text",
"cvss_data": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"epss_score": 1,
"epss_percentile": 1,
"cisa_kev_added_at": "2025-10-24T18:08:34.728Z",
"reserved_at": "2025-10-24T18:08:34.728Z",
"published_at": "2025-10-24T18:08:34.728Z",
"upstream_references": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"raw_mitre_cvelist_v5_cves_adp": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"gen_description": "text",
"gen_display_name": "text",
"gen_cwe_id": "text",
"gen_impact": "text",
"gen_mitigations": "text",
"gen_remediation": "text"
}
]
}The unique hash of the URL or UUID to retrieve the reference for
Successful Response
Not found
Validation Error
GET /v1/references/{identifier}/vulnerability-mentions HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"published_at": "2025-10-24T18:08:34.728Z",
"overview": "text",
"context": "text",
"reference_uuid": "text",
"reference_url": "text",
"reference_source": "text",
"reference_user_generated_content": true,
"reference_topic": "text",
"vulnerability_uuid": "text",
"cve_id": "text",
"vulnerability_gen_display_name": "text"
}
]
}A string used to filter content chunks. The filter will be conducted within the content chunk embeddings.
Field to sort by - either created_at, updated_at or analyzed_at
created_atPattern: ^(created_at|updated_at|analyzed_at)$Sort order - either asc or desc
descPattern: ^(asc|desc)$The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Successful Response
Not found
Validation Error
GET /v1/content_chunks HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"hash": "text",
"content_type": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"analyzed_at": "2025-10-24T18:08:34.728Z"
}
]
}Retrieve a reference by its identifier.
identifier: The unique hash of the URL or UUID to retrieve the reference for.
This endpoint returns the reference object associated with the given URL hash. If no reference is found, a 404 error is returned.
The unique hash of the URL or UUID to retrieve the reference for
Successful Response
Not found
Validation Error
GET /v1/content_chunks/{identifier} HTTP/1.1
Host:
Accept: */*
{
"uuid": "text",
"hash": "text",
"content_type": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"analyzed_at": "2025-10-24T18:08:34.728Z",
"extracted_content": {
"content": "text",
"content_type": "text",
"collected_date": "2025-10-24T18:08:34.728Z",
"url_hash": "text",
"url": "text",
"source": "text",
"topic": "text",
"authors": [
"text"
],
"published_date_str": "text",
"published_date": "text",
"content_hash": "text"
},
"analysis_object": {
"version": "3.0.0",
"url_hash": "text",
"content_hash": "text",
"source": "text",
"complete": false,
"meta": {
"analysis_type": "text",
"version": 1,
"content_labels": [
"text"
],
"cyber_marketing_content": true,
"disparate_topics": true,
"cyber_intel_content": true
},
"triage": {
"analysis_type": "text",
"version": 1,
"detailed_ttps_discussed": true,
"ioc_mention": true,
"breach_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"campaign_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"agency_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"person_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"product_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"software_package_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"location_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"malware_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"organization_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"attack_pattern_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"defensive_pattern_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"threat_actor_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
],
"vulnerability_entities": [
{
"name": "text",
"aliases": [
"text"
]
}
]
},
"upstream": {
"analysis_type": "text",
"version": 1,
"upstream_source_urls": [
{
"url": "text",
"relation": "primary_source",
"evidence": {
"anchor_text": "text",
"quote": "text",
"char_start": 1,
"char_end": 1
}
}
]
},
"summary_and_fact_extraction": {
"version": 1,
"analysis_type": "text",
"synopsis": "text",
"facts": [
"text"
]
},
"product_advisory": {
"analysis_type": "text",
"version": 1,
"advisory_id": "text",
"cve_ids": [
"text"
],
"vendor": "text",
"advisory_version": "text",
"last_updated": "text",
"status": "text",
"summary": "text",
"impact": "text",
"mitigation": "text",
"remediation": "text",
"exploit_exists": true,
"exploited_in_the_wild": true,
"reporter": "text",
"references": [
"text"
],
"revisions": [
{
"version": "text",
"description": "text",
"section": "text",
"status": "text",
"date": "text"
}
],
"vulnerable_product_configurations": [
{
"product": "text",
"affected": "text",
"affected_versions": [
"text"
],
"fixed_versions": [
"text"
],
"associated_bug_ids": [
"text"
],
"cpe_ids": [
"text"
]
}
]
},
"focused_technology_products": {
"analysis_type": "text",
"version": 1,
"entries": [
{
"version": 1,
"vendor": "text",
"product": "text",
"versions": [
"text"
],
"context": "text",
"overview": "text"
}
]
},
"focused_threat_actors": {
"analysis_type": "text",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"aliases": [
"text"
],
"sub_groups": [
"text"
],
"context": "text",
"overview": "text",
"nation_state_sponsor": "text",
"source_geography": "text",
"targeted_industries": [
"text"
],
"targeted_geographies": [
"text"
],
"malware_used": [
"text"
],
"vulnerabilities_used": [
"text"
],
"techniques_used": [
"text"
]
}
]
},
"focused_vulnerabilities": {
"analysis_type": "focused_vulnerabilities",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"aliases": [
"text"
],
"context": "text",
"overview": "text",
"cve_id": "text",
"active_scanning": true,
"exploit_code_exists": true,
"exploited_in_the_wild": true,
"used_in_malware": true,
"used_in_ransomware": true,
"associated_malware": [
"text"
],
"associated_threat_actors": [
"text"
],
"associated_targeted_products": [
"text"
],
"patches_exist": true,
"mitigations_exist": true
}
]
},
"focused_malware": {
"analysis_type": "focused_malware",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"aliases": [
"text"
],
"categories": [
"text"
],
"context": "text",
"overview": "text",
"targeted_industries": [
"text"
],
"is_used_in_ransomware": true,
"associated_ransomware": [
"text"
],
"associated_threat_actors": [
"text"
],
"associated_vulnerabilities": [
"text"
],
"discovery_date": "text"
}
]
},
"focused_attack_patterns": {
"analysis_type": "focused_attack_patterns",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"mitre_attack_id": "text",
"context": "text",
"overview": "text"
}
]
},
"focused_breaches": {
"analysis_type": "focused_breaches",
"version": 2,
"entries": [
{
"version": 1,
"name": "text",
"context": "text",
"overview": "text",
"associated_threat_actors": [
"text"
],
"loss_types": [
"text"
],
"loss_description": "text",
"affected_primary_victim": "text",
"affected_downstream_victims": [
"text"
],
"date_occurred": "text",
"date_detected": "text",
"date_reported": "text",
"loss_amount": "text"
}
]
},
"focused_organizations": {
"analysis_type": "focused_organizations",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"aliases": [
"text"
],
"industry": "text",
"organization_type": "text",
"context": "text",
"overview": "text"
}
]
},
"focused_people": {
"analysis_type": "focused_people",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"aliases": [
"text"
],
"roles": [
"text"
],
"context": "text",
"overview": "text"
}
]
},
"focused_agency_announcements": {
"analysis_type": "focused_agency_announcements",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"aliases": [
"text"
],
"countries": [
"text"
],
"regulatory_domains": [
"text"
],
"context": "text",
"overview": "text",
"enforcement_actions": [
"text"
],
"regulatory_changes": [
"text"
],
"affected_industries": [
"text"
],
"compliance_requirements": [
"text"
],
"announcement_date": "text"
}
]
},
"focused_indicators": {
"analysis_type": "focused_indicators",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"type": "text",
"context": "text",
"confidence": "text",
"first_seen": "text",
"last_seen": "text",
"tags": [
"text"
],
"associated_malware": [
"text"
],
"associated_threat_actors": [
"text"
],
"associated_vulnerabilities": [
"text"
]
}
]
},
"focused_locations": {
"analysis_type": "focused_locations",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"aliases": [
"text"
],
"location_type": "text",
"context": "text",
"overview": "text",
"country_code": "text",
"region": "text",
"relevance_to_threat": "text",
"targeted_by_threat_actors": [
"text"
],
"targeted_industries": [
"text"
]
}
]
},
"focused_defensive_patterns": {
"analysis_type": "focused_defensive_patterns",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"control_type": "text",
"nist_framework_reference": "text",
"d3fend_id": "text",
"context": "text",
"overview": "text",
"implementation_details": "text",
"effectiveness_notes": "text"
}
]
},
"focused_campaigns": {
"analysis_type": "focused_campaigns",
"version": 1,
"entries": [
{
"version": 1,
"name": "text",
"aliases": [
"text"
],
"campaign_type": "text",
"context": "text",
"overview": "text",
"attributed_threat_actors": [
"text"
],
"targeted_sectors": [
"text"
],
"targeted_countries": [
"text"
],
"attack_vectors": [
"text"
],
"malware_used": [
"text"
],
"vulnerabilities_exploited": [
"text"
],
"timeline": "text",
"objectives": [
"text"
],
"impact_description": "text"
}
]
},
"focused_software_packages": {
"analysis_type": "focused_software_packages",
"version": 1,
"entries": [
{
"version": 1,
"ecosystem": "text",
"maintainer": "text",
"name": "text",
"context": "text",
"associated_threat_actors": [
"text"
],
"associated_malware": [
"text"
],
"associated_vulnerabilities": [
"text"
],
"impact_assessment": "text",
"mitigation_advice": "text",
"affected_versions": [
"text"
],
"fixed_versions": [
"text"
]
}
]
},
"focused_analysis_enabled": false,
"focused_analysis_attempted": false,
"regex_ioc": {
"analysis_type": "regex_ioc",
"asns": [
"text"
],
"attack_mitigations": {
"ANY_ADDITIONAL_PROPERTY": [
"text"
]
},
"attack_tactics": {
"ANY_ADDITIONAL_PROPERTY": [
"text"
]
},
"attack_techniques": {
"ANY_ADDITIONAL_PROPERTY": [
"text"
]
},
"authentihashes": [
"text"
],
"bitcoin_addresses": [
"text"
],
"cves": [
"text"
],
"domains": [
"text"
],
"email_addresses": [
"text"
],
"email_addresses_complete": [
"text"
],
"file_paths": [
"text"
],
"google_adsense_publisher_ids": [
"text"
],
"google_analytics_tracker_ids": [
"text"
],
"imphashes": [
"text"
],
"ipv4_cidrs": [
"text"
],
"ipv4s": [
"text"
],
"ipv6s": [
"text"
],
"mac_addresses": [
"text"
],
"md5s": [
"text"
],
"monero_addresses": [
"text"
],
"registry_key_paths": [
"text"
],
"sha1s": [
"text"
],
"sha256s": [
"text"
],
"sha512s": [
"text"
],
"ssdeeps": [
"text"
],
"tlp_labels": [
"text"
],
"urls": [
"text"
],
"user_agents": [
"text"
],
"xmpp_addresses": [
"text"
]
},
"regex_entity": {
"analysis_type": "regex_entity",
"threat_actors": [
"text"
],
"threat_actor_patterns": [
"text"
]
}
}
}Field to sort by - either created_at or updated_at
created_atPattern: ^(created_at|updated_at)$Sort order - either asc or desc
descPattern: ^(asc|desc)$The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Successful Response
Not found
Validation Error
GET /v1/dashboards/current-events HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"report_type": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"title": "text",
"formats": [
"text"
],
"content": {
"raw": {
"ANY_ADDITIONAL_PROPERTY": "anything"
},
"version": "1.0.0",
"slack": "text"
}
}
]
}Get trending vulnerabilities for 1 day, 7 day, and 30 day periods. Returns live data based on mention counts rather than compiled reports.
Maximum number of vulnerabilities per trending group
24Successful Response
Not found
Validation Error
GET /v1/dashboards/vulnerabilities HTTP/1.1
Host:
Accept: */*
{
"trending_groups": [
{
"time_period": "text",
"start_date": "2025-10-24T18:08:34.728Z",
"end_date": "2025-10-24T18:08:34.728Z",
"vulnerabilities": [
{
"vulnerability": null,
"mention_count": 1
}
]
}
],
"generated_at": "2025-10-24T18:08:34.728Z"
}Field to sort by - either created_at or updated_at
created_atPattern: ^(created_at|updated_at)$Sort order - either asc or desc
descPattern: ^(asc|desc)$The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Successful Response
Not found
Validation Error
GET /v1/dashboards/threat-actors HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"report_type": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"title": "text",
"formats": [
"text"
],
"content": {
"raw": {
"ANY_ADDITIONAL_PROPERTY": "anything"
},
"version": "1.0.0",
"slack": "text"
}
}
]
}Endpoint to browse exploits, with filters on some criteria.
A string used to filter exploits. It can start with specific prefixes to indicate the type of filter:
uuid:: Filter by UUID.url:: Filter by url.authors:: Filter by authors.maturity:: Filter by maturity.- If the filter string matches a UUID pattern, it will be treated as a specific filter.
- If no prefix is provided, it defaults to a url filter.
The number of items to skip before starting to collect the result set.
0Field to sort by - one of: url, authors, maturity, disclosed_at, created_at, or updated_at
created_atPattern: ^(url|authors|maturity|disclosed_at|created_at|updated_at|enriched_at)$Sort order - either asc or desc
descPattern: ^(asc|desc)$The maximum number of items to return.
100Successful Response
Not found
Validation Error
GET /v1/exploits HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"url": "text",
"maturity": "UNKNOWN",
"disclosed_at": "2025-10-24T18:08:34.728Z",
"authors": "text",
"vulnerabilities": [
"text"
],
"name": "text",
"description": "text",
"display_name": "",
"analyzed_at": "2025-10-24T18:08:34.728Z",
"gen_analysis": {
"ANY_ADDITIONAL_PROPERTY": "anything"
}
}
]
}The unique UUID of the exploit to retrieve
Successful Response
Not found
Validation Error
GET /v1/exploits/{identifier} HTTP/1.1
Host:
Accept: */*
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"url": "text",
"maturity": "UNKNOWN",
"disclosed_at": "2025-10-24T18:08:34.728Z",
"authors": "text",
"vulnerabilities": [
"text"
],
"name": "text",
"description": "text",
"display_name": "",
"analyzed_at": "2025-10-24T18:08:34.728Z",
"gen_analysis": {
"ANY_ADDITIONAL_PROPERTY": "anything"
},
"vulnerability_uuids": [
"text"
]
}Get vulnerabilities associated with a specific exploit with pagination and filtering.
The unique UUID of the exploit
A string used to filter vulnerabilities. It can start with specific prefixes to indicate the type of filter:
cve:: Filter by CVE ID.desc:: Filter by description.- If the filter string matches the pattern
CVE-, it will be treated as a CVE filter. - If no prefix is provided, it defaults to searching both CVE ID and description.
""The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Field to sort by: cve_id, created_at, updated_at, cvss_base_score, or epss_score
cve_idPattern: ^(cve_id|created_at|updated_at|cvss_base_score|epss_score)$Sort order - either asc or desc
ascPattern: ^(asc|desc)$Successful Response
Not found
Validation Error
GET /v1/exploits/{identifier}/vulnerabilities HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"cve_id": "text",
"state": "text",
"description": "text",
"cvss_base_score": 1,
"cvss_version": 1,
"cvss_vector": "text",
"cvss_source": "text",
"cvss_type": "text",
"cvss_data": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"epss_score": 1,
"epss_percentile": 1,
"cisa_kev_added_at": "2025-10-24T18:08:34.728Z",
"reserved_at": "2025-10-24T18:08:34.728Z",
"published_at": "2025-10-24T18:08:34.728Z",
"upstream_references": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"raw_mitre_cvelist_v5_cves_adp": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"gen_description": "text",
"gen_display_name": "text",
"gen_cwe_id": "text",
"gen_impact": "text",
"gen_mitigations": "text",
"gen_remediation": "text"
}
]
}Endpoint to browse for exploitations.
The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Field to sort by - either count, created_at or updated_at
created_atPattern: ^(count|created_at|updated_at|enriched_at)$Sort order - either asc or desc
descPattern: ^(asc|desc)$Successful Response
Not found
Validation Error
GET /v1/exploitations HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"begins_at": "2025-10-24T18:08:34.728Z",
"ends_at": "2025-10-24T18:08:34.728Z",
"count": 1
}
]
}The unique UUID of the exploitation to retrieve
Successful Response
Not found
Validation Error
GET /v1/exploitations/{identifier} HTTP/1.1
Host:
Accept: */*
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"begins_at": "2025-10-24T18:08:34.728Z",
"ends_at": "2025-10-24T18:08:34.728Z",
"count": 1,
"detection_signature_uuid": "text",
"detection_signature_name": "text",
"detection_signature_source": "text",
"detection_signature_method": "text"
}Endpoint to browse for malware, with filters on some criteria.
A string used to filter malware. It can start with specific prefixes to indicate the type of filter:
name:: Filter by Name.uuid:: Filter by UUID.- If no prefix is provided, it defaults to a name filter.
The number of items to skip before starting to collect the result set.
0Field to sort by - either name, created_at, updated_at or enriched_at
created_atPattern: ^(name|created_at|updated_at|enriched_at)$Sort order - either asc or desc
descPattern: ^(asc|desc)$The maximum number of items to return.
100Successful Response
Not found
Validation Error
GET /v1/malware HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"name": "text",
"description": "text",
"display_name": "text"
}
]
}The unique UUID or name of the malware to retrieve
Successful Response
Not found
Validation Error
GET /v1/malware/{identifier} HTTP/1.1
Host:
Accept: */*
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"name": "text",
"description": "text",
"display_name": "text"
}Get references associated with a specific story with pagination and sorting.
Returns a list of references that have been clustered into this story.
The unique UUID of the story
Field to sort by - either published_at, created_at, updated_at, title, or source_slug
published_atPattern: ^(published_at|created_at|updated_at|title|source_slug)$Sort order - either asc or desc
descPattern: ^(asc|desc)$The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Successful Response
Not found
Validation Error
GET /v1/stories/{identifier}/references HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"url": "text",
"url_hash": "text",
"type": "STRUCTURED",
"source": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"published_at": "2025-10-24T18:08:34.728Z",
"first_collected_at": "2025-10-24T18:08:34.728Z",
"last_collected_at": "2025-10-24T18:08:34.728Z",
"screenshotted_at": "2025-10-24T18:08:34.728Z",
"user_generated_content": true,
"synthetic": true,
"content_type": "text",
"topic": "text",
"authors": [
"text"
],
"content_chunk_uuids": [
"text"
],
"final_url": "text",
"last_http_status": 1,
"submitter": "text",
"screenshot_url": "text"
}
]
}Retrieve a story by its UUID.
identifier: The unique UUID of the story to retrieve.
This endpoint returns the story object associated with the given UUID. If no story is found, a 404 error is returned.
The unique UUID of the story to retrieve
Successful Response
Not found
Validation Error
GET /v1/stories/{identifier} HTTP/1.1
Host:
Accept: */*
{
"uuid": "text",
"title": "text",
"description": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"reference_count": 1,
"references": [
{
"uuid": "text",
"url": "text",
"url_hash": "text",
"type": "STRUCTURED",
"source": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"published_at": "2025-10-24T18:08:34.728Z",
"first_collected_at": "2025-10-24T18:08:34.728Z",
"last_collected_at": "2025-10-24T18:08:34.728Z",
"screenshotted_at": "2025-10-24T18:08:34.728Z",
"user_generated_content": true,
"synthetic": true,
"content_type": "text",
"topic": "text",
"authors": [
"text"
],
"content_chunk_uuids": [
"text"
],
"final_url": "text",
"last_http_status": 1,
"submitter": "text",
"screenshot_url": "text"
}
]
}Get paginated list of stories.
Stories are collections of related references that have been clustered together based on content similarity and temporal proximity.
A string used to filter stories. Allowed filter terms:
title:: filter by title (case insensitive substring)description:: filter by description (case insensitive substring)min_refs:: filter by minimum reference count (e.g., min_refs:5)max_refs:: filter by maximum reference count (e.g., max_refs:10)- If no prefix is provided, the filter will search in the title.
Filter stories created after this date. Supports various formats including ISO 8601 (e.g., '2024-01-01T00:00:00Z'), date only (e.g., '2024-01-01'), and common formats (e.g., 'Jan 1, 2024', '1/1/2024')
Filter stories created before this date. Supports various formats including ISO 8601 (e.g., '2024-12-31T23:59:59Z'), date only (e.g., '2024-12-31'), and common formats (e.g., 'Dec 31, 2024', '12/31/2024')
Filter stories updated after this date. Supports various formats including ISO 8601 (e.g., '2024-01-01T00:00:00Z'), date only (e.g., '2024-01-01'), and common formats (e.g., 'Jan 1, 2024', '1/1/2024')
Filter stories updated before this date. Supports various formats including ISO 8601 (e.g., '2024-12-31T23:59:59Z'), date only (e.g., '2024-12-31'), and common formats (e.g., 'Dec 31, 2024', '12/31/2024')
Field to sort by - either created_at, updated_at, title, or reference_count
created_atPattern: ^(created_at|updated_at|title|reference_count)$Sort order - either asc or desc
descPattern: ^(asc|desc)$The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Successful Response
Not found
Validation Error
GET /v1/stories HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"title": "text",
"description": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"reference_count": 1,
"references": [
{
"uuid": "text",
"url": "text",
"url_hash": "text",
"type": "STRUCTURED",
"source": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"published_at": "2025-10-24T18:08:34.728Z",
"first_collected_at": "2025-10-24T18:08:34.728Z",
"last_collected_at": "2025-10-24T18:08:34.728Z",
"screenshotted_at": "2025-10-24T18:08:34.728Z",
"user_generated_content": true,
"synthetic": true,
"content_type": "text",
"topic": "text",
"authors": [
"text"
],
"content_chunk_uuids": [
"text"
],
"final_url": "text",
"last_http_status": 1,
"submitter": "text",
"screenshot_url": "text"
}
]
}
]
}Get timeline events for a specific story with pagination and sorting.
Returns a chronological list of events that have occurred for this story, such as creation and reference assignments. Events are sorted by created_at.
The unique UUID of the story
Filter parameter (e.g., 'event_type:story_created', 'event_type:reference_assigned')
Sort order - either asc or desc
descPattern: ^(asc|desc)$The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Successful Response
Not found
Validation Error
GET /v1/stories/{identifier}/events HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"story_uuid": "text",
"event_type": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"event_data": {
"reference_uuid": "text"
}
}
]
}Find stories similar to the specified story.
Uses the story's embedding vector to find other stories with similar content using inner product similarity. Results are ordered by similarity (most similar first).
Returns an empty list if the story doesn't have an embedding vector.
The unique UUID of the story
Similarity threshold (higher values are more similar, range: -1 to 1)
0.6Filter similar stories created after this date. Supports various formats including ISO 8601 (e.g., '2024-01-01T00:00:00Z'), date only (e.g., '2024-01-01'), and common formats (e.g., 'Jan 1, 2024', '1/1/2024')
Filter similar stories created before this date. Supports various formats including ISO 8601 (e.g., '2024-12-31T23:59:59Z'), date only (e.g., '2024-12-31'), and common formats (e.g., 'Dec 31, 2024', '12/31/2024')
Filter similar stories updated after this date. Supports various formats including ISO 8601 (e.g., '2024-01-01T00:00:00Z'), date only (e.g., '2024-01-01'), and common formats (e.g., 'Jan 1, 2024', '1/1/2024')
Filter similar stories updated before this date. Supports various formats including ISO 8601 (e.g., '2024-12-31T23:59:59Z'), date only (e.g., '2024-12-31'), and common formats (e.g., 'Dec 31, 2024', '12/31/2024')
The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
10Successful Response
Not found
Validation Error
GET /v1/stories/{identifier}/similar HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"title": "text",
"description": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"reference_count": 1,
"references": [
{
"uuid": "text",
"url": "text",
"url_hash": "text",
"type": "STRUCTURED",
"source": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"published_at": "2025-10-24T18:08:34.728Z",
"first_collected_at": "2025-10-24T18:08:34.728Z",
"last_collected_at": "2025-10-24T18:08:34.728Z",
"screenshotted_at": "2025-10-24T18:08:34.728Z",
"user_generated_content": true,
"synthetic": true,
"content_type": "text",
"topic": "text",
"authors": [
"text"
],
"content_chunk_uuids": [
"text"
],
"final_url": "text",
"last_http_status": 1,
"submitter": "text",
"screenshot_url": "text"
}
]
}
]
}Endpoint to browse for threat actors, with filters on some criteria.
A string used to filter threat actors. It can start with specific prefixes to indicate the type of filter:
name:: Filter by Name, case-insensitive.uuid:: Filter by UUID, case-insensitive. If no prefix is provided, it defaults to filtering on the display_name or name fields. Examples:name:APTname:lazarus_grouplazarus_groupLazarus Group
The number of items to skip before starting to collect the result set.
0Field to sort by - either name, created_at, updated_at, enriched_at, trending_1d, trending_7d, or trending_30d
created_atPattern: ^(name|created_at|updated_at|enriched_at|trending_1d|trending_7d|trending_30d)$Sort order - either asc or desc
descPattern: ^(asc|desc)$The maximum number of items to return.
100Successful Response
Not found
Validation Error
GET /v1/actors HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"name": "text",
"description": "text",
"display_name": "text",
"misp_uuid": "text",
"provenance": "text",
"motivation": "text",
"sponsor": "text",
"family_name": "text",
"gen_description": "text"
}
]
}The unique UUID or name of the threat actor to retrieve
Successful Response
Not found
Validation Error
GET /v1/actors/{identifier} HTTP/1.1
Host:
Accept: */*
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"name": "text",
"description": "text",
"display_name": "text",
"misp_uuid": "text",
"provenance": "text",
"motivation": "text",
"sponsor": "text",
"family_name": "text",
"gen_description": "text",
"mentions_count": 0,
"synonyms_count": 0,
"mentions": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"published_at": "2025-10-24T18:08:34.728Z",
"overview": "text",
"context": "text",
"reference_uuid": "text",
"reference_url": "text",
"reference_source": "text",
"reference_topic": "text",
"reference_user_generated_content": true,
"threat_actor_uuid": "text",
"threat_actor_name": "text",
"threat_actor_display_name": "text"
}
],
"synonyms": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"name": "text",
"description": "text",
"display_name": "text",
"misp_uuid": "text",
"provenance": "text",
"motivation": "text",
"sponsor": "text",
"family_name": "text",
"gen_description": "text"
}
]
}Endpoint to browse for products.
Filter the products by name
""The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Field to sort by - either name, created_at or updated_at
created_atPattern: ^(name|created_at|updated_at|enriched_at)$Sort order - either asc or desc
descPattern: ^(asc|desc)$Successful Response
Not found
Validation Error
GET /v1/products HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"type": "text",
"name": "text",
"description": "text",
"display_name": "text",
"website": "text",
"vendor_name": "text",
"vendor_display_name": "text",
"vendor_uuid": "text"
}
]
}Endpoint to search for products based on search criteria.
The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Field to sort by - either name, created_at or updated_at
created_atPattern: ^(name|created_at|updated_at)$Sort order - either asc or desc
descPattern: ^(asc|desc)$The search criteria for products
The type of search to perform. Options are: 'standard', 'did_you_mean'. Defaults to 'standard'.
standardExample: standardCommon Platform Enumeration (CPE) 2.3 string. Overrides type, vendor, and product if provided.
nullExample: cpe:2.3:a:vendor:product:1.0:*:*:*:*:*:*:*The type of the product (e.g., application, operating system). Defaults to 'application'.
applicationExample: applicationThe vendor of the product.
nullExample: ExampleVendorThe name of the product.
nullExample: ExampleProductSuccessful Response
Not found
Validation Error
POST /v1/products/search HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 150
{
"search_type": "standard",
"cpe": "cpe:2.3:a:vendor:product:1.0:*:*:*:*:*:*:*",
"type": "application",
"vendor": "ExampleVendor",
"product": "ExampleProduct"
}{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"type": "text",
"name": "text",
"description": "text",
"display_name": "text",
"website": "text",
"vendor_name": "text",
"vendor_display_name": "text",
"vendor_uuid": "text"
}
]
}The unique UUID of the technology product to retrieve
Successful Response
Not found
Validation Error
GET /v1/products/{identifier}/technology_product_advisories HTTP/1.1
Host:
Accept: */*
No content
The unique UUID of the technology product to retrieve
Successful Response
Not found
Validation Error
GET /v1/products/{identifier} HTTP/1.1
Host:
Accept: */*
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"type": "text",
"name": "text",
"description": "text",
"display_name": "text",
"website": "text",
"vendor_name": "text",
"vendor_display_name": "text",
"vendor_uuid": "text"
}The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Field to sort by - either created_at, updated_at, source, or name
created_atPattern: ^(created_at|updated_at|source|name)$Sort order - either asc or desc
descPattern: ^(asc|desc)$Successful Response
Not found
Validation Error
GET /v1/technology_product_advisories HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"source": "text",
"advisory_version": "text",
"name": "text",
"display_name": "text",
"last_updated": "text",
"status": "text",
"summary": "text",
"impact": "text",
"reporter": "text",
"remediation": "text",
"mitigation": "text"
}
]
}The unique UUID of the technology product advisory to retrieve
Successful Response
Not found
Validation Error
GET /v1/technology_product_advisories/{identifier} HTTP/1.1
Host:
Accept: */*
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"source": "text",
"advisory_version": "text",
"name": "text",
"display_name": "text",
"last_updated": "text",
"status": "text",
"summary": "text",
"impact": "text",
"reporter": "text",
"remediation": "text",
"mitigation": "text",
"vulnerabilities_count": 0,
"configurations_count": 0,
"vulnerability_cve_ids": [
"text"
]
}The unique UUID of the technology product advisory to retrieve
Successful Response
Not found
Validation Error
GET /v1/technology_product_advisories/{identifier}/products HTTP/1.1
Host:
Accept: */*
[
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"type": "text",
"name": "text",
"description": "text",
"display_name": "text",
"website": "text",
"vendor_name": "text",
"vendor_display_name": "text",
"vendor_uuid": "text"
}
]The unique UUID of the technology product advisory to retrieve
Successful Response
Not found
Validation Error
GET /v1/technology_product_advisories/{identifier}/vulnerabilities HTTP/1.1
Host:
Accept: */*
[
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"cve_id": "text",
"state": "text",
"description": "text",
"cvss_base_score": 1,
"cvss_version": 1,
"cvss_vector": "text",
"cvss_source": "text",
"cvss_type": "text",
"cvss_data": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"epss_score": 1,
"epss_percentile": 1,
"cisa_kev_added_at": "2025-10-24T18:08:34.728Z",
"reserved_at": "2025-10-24T18:08:34.728Z",
"published_at": "2025-10-24T18:08:34.728Z",
"upstream_references": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"raw_mitre_cvelist_v5_cves_adp": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"gen_description": "text",
"gen_display_name": "text",
"gen_cwe_id": "text",
"gen_impact": "text",
"gen_mitigations": "text",
"gen_remediation": "text"
}
]Endpoint to browse vendors based on various criteria.
Filter the vendors by name
""The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Field to sort by - either name, created_at or updated_at
created_atPattern: ^(name|created_at|updated_at|enriched_at)$Sort order - either asc or desc
descPattern: ^(asc|desc)$Successful Response
Not found
Validation Error
GET /v1/vendors HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"name": "text",
"description": "text",
"display_name": "text",
"website": "text",
"products": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"type": "text",
"name": "text",
"description": "text",
"display_name": "text",
"website": "text",
"vendor_name": "text",
"vendor_display_name": "text",
"vendor_uuid": "text"
}
]
}
]
}The unique UUID of the technology vendor to retrieve
Successful Response
Not found
Validation Error
GET /v1/vendors/{identifier} HTTP/1.1
Host:
Accept: */*
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"name": "text",
"description": "text",
"display_name": "text",
"website": "text",
"products": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"type": "text",
"name": "text",
"description": "text",
"display_name": "text",
"website": "text",
"vendor_name": "text",
"vendor_display_name": "text",
"vendor_uuid": "text"
}
],
"product_names": [
"text"
],
"product_display_names": [
"text"
]
}Get products for a specific vendor with pagination and filtering.
The unique UUID of the technology vendor
Filter products by name or description
""The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Field to sort by - either name, created_at or updated_at
namePattern: ^(name|created_at|updated_at)$Sort order - either asc or desc
ascPattern: ^(asc|desc)$Successful Response
Not found
Validation Error
GET /v1/vendors/{identifier}/products HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"type": "text",
"name": "text",
"description": "text",
"display_name": "text",
"website": "text",
"vendor_name": "text",
"vendor_display_name": "text",
"vendor_uuid": "text"
}
]
}Endpoint to browse vulnerabilities, with filters on some criteria.
A string used to filter vulnerabilities. It can start with specific prefixes to indicate the type of filter:
cve:: Filter by CVE ID.uuid:: Filter by UUID.desc:: Filter by description.gen_description:: Filter by gen_description.gen_display_name:: Filter by gen_display_name.cisa_kev:: Filter by cisa_kev.state:: Filter by state.- If the filter string matches the pattern
CVE-or a UUID pattern, it will be treated as a specific filter. - If no prefix is provided, it defaults to a description filter.
Field to sort by - either cve_id, created_at, updated_at, enriched_at, cvss_base_score, cvss_version, epss_score, epss_percentile, trending_1d, trending_7d, or trending_30d
created_atPattern: ^(cve_id|created_at|updated_at|enriched_at|cvss_base_score|cvss_version|epss_score|epss_percentile|trending_1d|trending_7d|trending_30d)$Sort order - either asc or desc
descPattern: ^(asc|desc)$The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Successful Response
Not found
Validation Error
GET /v1/vulnerabilities HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"cve_id": "text",
"state": "text",
"description": "text",
"cvss_base_score": 1,
"cvss_version": 1,
"cvss_vector": "text",
"cvss_source": "text",
"cvss_type": "text",
"cvss_data": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"epss_score": 1,
"epss_percentile": 1,
"cisa_kev_added_at": "2025-10-24T18:08:34.728Z",
"reserved_at": "2025-10-24T18:08:34.728Z",
"published_at": "2025-10-24T18:08:34.728Z",
"upstream_references": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"raw_mitre_cvelist_v5_cves_adp": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"gen_description": "text",
"gen_display_name": "text",
"gen_cwe_id": "text",
"gen_impact": "text",
"gen_mitigations": "text",
"gen_remediation": "text"
}
]
}The unique CVE ID or UUID of the vulnerability to retrieve
Successful Response
Not found
Validation Error
GET /v1/vulnerabilities/{identifier} HTTP/1.1
Host:
Accept: */*
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"cve_id": "text",
"state": "text",
"description": "text",
"cvss_base_score": 1,
"cvss_version": 1,
"cvss_vector": "text",
"cvss_source": "text",
"cvss_type": "text",
"cvss_data": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"epss_score": 1,
"epss_percentile": 1,
"cisa_kev_added_at": "2025-10-24T18:08:34.728Z",
"reserved_at": "2025-10-24T18:08:34.728Z",
"published_at": "2025-10-24T18:08:34.728Z",
"upstream_references": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"raw_mitre_cvelist_v5_cves_adp": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"gen_description": "text",
"gen_display_name": "text",
"gen_cwe_id": "text",
"gen_impact": "text",
"gen_mitigations": "text",
"gen_remediation": "text",
"weaknesses": [
"text"
],
"mentions_count": 0,
"detection_signatures_count": 0,
"exploits_count": 0,
"exploitations_count": 0,
"vulnerable_configuration_sets_count": 0,
"affected_products_count": 0
}The unique CVE ID or UUID of the vulnerability to retrieve
Number of items to skip
0Maximum number of items to return
100Field to sort by - created_at, updated_at, vendor, product_name, or product_type
created_atPattern: ^(created_at|updated_at|vendor|product_name|product_type)$Sort order
descPattern: ^(asc|desc)$Filter parameter (e.g., 'vulnerable:true' or 'vulnerable:false')
Output model type
detailedPattern: ^(basic|detailed)$Successful Response
Not found
Validation Error
GET /v1/vulnerabilities/{identifier}/configurations HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"set_id": "text",
"is_vulnerable": true,
"cve_id": "text",
"cpe_match_id": "text",
"cpe23_uri": "text",
"edition": "text",
"language": "text",
"sw_edition": "text",
"target_sw": "text",
"target_hw": "text",
"other": "text",
"version": "text",
"update": "text",
"version_start_excluding": "text",
"version_start_including": "text",
"version_end_excluding": "text",
"version_end_including": "text",
"technology_product_name": "text",
"technology_vendor_name": "text",
"product_name": "text",
"product_display_name": "text",
"product_type": "text",
"vendor": "text",
"vendor_display_name": "text"
}
]
}The unique CVE ID or UUID of the vulnerability to retrieve
Number of items to skip
0Maximum number of items to return
100Field to sort by
created_atPattern: ^(created_at|updated_at|source|method|upstream_id)$Sort order
descPattern: ^(asc|desc)$Filter parameter (e.g., 'method:snort')
Output model type
basicPattern: ^(basic|detailed)$Successful Response
Not found
Validation Error
GET /v1/vulnerabilities/{identifier}/detection_signatures HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"upstream_id": "text",
"source": "text",
"method": "text",
"name": "text",
"description": "text"
}
]
}The unique CVE ID or UUID of the vulnerability to retrieve
Number of items to skip
0Maximum number of items to return
100Field to sort by
created_atPattern: ^(created_at|updated_at|disclosed_at)$Sort order
descPattern: ^(asc|desc)$Filter parameter (e.g., 'maturity:functional')
Output model type
basicPattern: ^(basic|detailed)$Successful Response
Not found
Validation Error
GET /v1/vulnerabilities/{identifier}/exploits HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"url": "text",
"maturity": "UNKNOWN",
"disclosed_at": "2025-10-24T18:08:34.728Z",
"authors": "text",
"vulnerabilities": [
"text"
],
"name": "text",
"description": "text",
"display_name": "",
"analyzed_at": "2025-10-24T18:08:34.728Z",
"gen_analysis": {
"ANY_ADDITIONAL_PROPERTY": "anything"
}
}
]
}The unique CVE ID or UUID of the vulnerability to retrieve
Number of items to skip
0Maximum number of items to return
100Field to sort by
begins_atPattern: ^(created_at|updated_at|begins_at|ends_at|count)$Sort order
descPattern: ^(asc|desc)$Filter parameter (e.g., 'has_detection_signature:true', 'has_detection_signature:false')
Output model type
detailedPattern: ^(basic|detailed)$Successful Response
Not found
Validation Error
GET /v1/vulnerabilities/{identifier}/exploitations HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"begins_at": "2025-10-24T18:08:34.728Z",
"ends_at": "2025-10-24T18:08:34.728Z",
"count": 1,
"detection_signature_uuid": "text",
"detection_signature_name": "text",
"detection_signature_source": "text",
"detection_signature_method": "text"
}
]
}The unique CVE ID or UUID of the vulnerability to retrieve
Number of items to skip
0Maximum number of items to return
100Field to sort by
published_atPattern: ^(created_at|updated_at|published_at|source)$Sort order
descPattern: ^(asc|desc)$Filter parameter (e.g., 'user_generated_content:true' or 'user_generated_content:false')
Successful Response
Not found
Validation Error
GET /v1/vulnerabilities/{identifier}/mentions HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"published_at": "2025-10-24T18:08:34.728Z",
"overview": "text",
"context": "text",
"reference_uuid": "text",
"reference_url": "text",
"reference_source": "text",
"reference_user_generated_content": true,
"reference_topic": "text",
"vulnerability_uuid": "text",
"cve_id": "text",
"vulnerability_gen_display_name": "text"
}
]
}The unique CVE ID or UUID of the vulnerability to retrieve
Successful Response
Not found
Validation Error
GET /v1/vulnerabilities/{identifier}/products HTTP/1.1
Host:
Accept: */*
[
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"type": "text",
"name": "text",
"description": "text",
"display_name": "text",
"website": "text",
"vendor_name": "text",
"vendor_display_name": "text",
"vendor_uuid": "text"
}
]The unique CVE ID or UUID of the vulnerability to retrieve
Successful Response
Not found
Validation Error
GET /v1/vulnerabilities/{identifier}/technology_product_advisories HTTP/1.1
Host:
Accept: */*
No content
Endpoint to search for vulnerable technology product configuration sets.
The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Field to sort by - either created_at or updated_at
created_atPattern: ^(created_at|updated_at)$Sort order - either asc or desc
descPattern: ^(asc|desc)$The search criteria for vulnerable technology product configuration sets
The method used for version matching. Options are: 'none', 'exact', 'range', 'strict', 'loose'. Defaults to 'exact'.
exactExample: exactConfiguration set identifier that groups related CPEs. This corresponds to 'configuration_id' from NVD data.
nullExample: abc123def456...Whether to include all configuration set members when a match is found. If true, returns all configurations in the same set as matched items.
falseCommon Platform Enumeration (CPE) 2.3 string. If provided, overrides type, vendor, product, and version fields.
nullExample: cpe:2.3:a:apache:httpd:2.4.1:*:*:*:*:*:*:*Unique identifier for a specific CPE configuration. This is different from set_id which groups multiple CPEs.
nullExample: 1234567890abcdef...CVE identifier string to filter by.
nullExample: CVE-2024-12345Database ID of the vulnerability record.
nullExample: 12345Filter by vulnerability status.
nullExample: trueThe vendor/manufacturer of the product.
nullExample: apacheThe name of the product.
nullExample: httpdThe type of the product (a=application, o=operating system, h=hardware). Defaults to 'a' (application) if vendor/product provided without type.
nullExample: aThe exact version for 'exact' matching mode.
nullExample: 2.4.1Start of version range for 'range' matching mode.
nullExample: 2.0.0End of version range for 'range' matching mode.
nullExample: 2.9.9The update/patch version of the product.
nullExample: SP1Successful Response
Not found
Validation Error
POST /v1/vulnerable_technology_product_configuration_sets/search HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 366
{
"version_match": "exact",
"set_id": "abc123def456...",
"include_set_results": false,
"cpe": "cpe:2.3:a:apache:httpd:2.4.1:*:*:*:*:*:*:*",
"cpe_match_id": "1234567890abcdef...",
"cve_id": "CVE-2024-12345",
"vulnerability_id": 12345,
"is_vulnerable": true,
"vendor": "apache",
"product": "httpd",
"type": "a",
"version": "2.4.1",
"version_start": "2.0.0",
"version_end": "2.9.9",
"update": "SP1"
}{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"set_id": "text",
"vulnerability_uuid": "123e4567-e89b-12d3-a456-426614174000",
"technology_product_configuration_uuid": "123e4567-e89b-12d3-a456-426614174000",
"is_vulnerable": true
}
]
}Endpoint to lookup a weakness by its unique identifier. Can use either CWE-ID (e.g., CWE-79) or UUID.
The unique identifier of the weakness to retrieve (CWE-ID or UUID)
Successful Response
Not found
Validation Error
GET /v1/weaknesses/{identifier} HTTP/1.1
Host:
Accept: */*
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"description": "text",
"extended_description": "text",
"likelihood_of_exploit": "text"
}Endpoint to browse weaknesses based on various criteria.
Filter the weaknesses by name
""The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Field to sort by - either name, created_at or updated_at
created_atPattern: ^(name|created_at|updated_at|enriched_at)$Sort order - either asc or desc
descPattern: ^(asc|desc)$Successful Response
Not found
Validation Error
GET /v1/weaknesses HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"enriched_at": "2025-10-24T18:08:34.728Z",
"description": "text",
"extended_description": "text",
"likelihood_of_exploit": "text"
}
]
}The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Field to sort by - either created_at, updated_at, published_at, or collected_at
published_atPattern: ^(created_at|updated_at|published_at|collected_at)$Sort order - either asc or desc
descSuccessful Response
Not found
Validation Error
GET /v1/mentions/actors HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"published_at": "2025-10-24T18:08:34.728Z",
"overview": "text",
"context": "text",
"reference_uuid": "text",
"reference_url": "text",
"reference_source": "text",
"reference_topic": "text",
"reference_user_generated_content": true,
"threat_actor_uuid": "text",
"threat_actor_name": "text",
"threat_actor_display_name": "text"
}
]
}Endpoint to retrieve a list of bulletins.
The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
7Successful Response
Not found
Validation Error
GET /v1/bulletins HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"report_type": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"title": "text",
"formats": [
"text"
],
"content": {
"raw": {
"ANY_ADDITIONAL_PROPERTY": "anything"
},
"version": "1.0.0",
"slack": "text"
}
}
]
}The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Field to sort by - either created_at, updated_at, published_at, or collected_at
published_atPattern: ^(created_at|updated_at|published_at|collected_at)$Sort order - either asc or desc
descPattern: ^(asc|desc)$Successful Response
Not found
Validation Error
GET /v1/mentions/vulnerabilities HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"published_at": "2025-10-24T18:08:34.728Z",
"overview": "text",
"context": "text",
"reference_uuid": "text",
"reference_url": "text",
"reference_source": "text",
"reference_user_generated_content": true,
"reference_topic": "text",
"vulnerability_uuid": "text",
"cve_id": "text",
"vulnerability_gen_display_name": "text"
}
]
}UUID of the bulletin to retrieve
Successful Response
Not found
Validation Error
GET /v1/bulletins/{identifier} HTTP/1.1
Host:
Accept: */*
{
"uuid": "text",
"report_type": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"title": "text",
"formats": [
"text"
],
"content": {
"raw": {
"ANY_ADDITIONAL_PROPERTY": "anything"
},
"version": "1.0.0",
"slack": "text"
}
}Base exports endpoint. Returns export history and mirrors /history.
Type of export to retrieve. Allowed: vuln_intel
vuln_intelFilter by export strategy
Number of exports to return
10Successful Response
Not found
Validation Error
GET /v1/exports HTTP/1.1
Host:
Accept: */*
{
"total_found": 1,
"exports": [
{
"uuid": "text",
"export_type": "text",
"export_strategy": "text",
"version": "text",
"filepath": "text",
"generated_at": "2025-10-24T18:08:34.728Z",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z"
}
]
}Get export history
Type of export to retrieve. Allowed: vuln_intel
vuln_intelFilter by export strategy
Number of exports to return
10Successful Response
Not found
Validation Error
GET /v1/exports/history HTTP/1.1
Host:
Accept: */*
{
"total_found": 1,
"exports": [
{
"uuid": "text",
"export_type": "text",
"export_strategy": "text",
"version": "text",
"filepath": "text",
"generated_at": "2025-10-24T18:08:34.728Z",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z"
}
]
}Get a signed URL for the latest export.
Type of export to retrieve. Allowed: vuln_intel
vuln_intelExport strategy: full or incremental
incrementalSigned URL expiration time in seconds (300-86400)
86400Successful Response
Not found
Validation Error
GET /v1/exports/latest HTTP/1.1
Host:
Accept: */*
{
"uuid": "text",
"export_type": "text",
"export_strategy": "text",
"version": "text",
"filepath": "text",
"generated_at": "2025-10-24T18:08:34.728Z",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"signed_url": "text",
"expires_in": 1,
"expires_at": "text"
}Get a signed URL for a specific export by export UUID.
Signed URL expiration time in seconds (300-86400)
86400Successful Response
Not found
Validation Error
GET /v1/exports/{uuid} HTTP/1.1
Host:
Accept: */*
{
"uuid": "text",
"export_type": "text",
"export_strategy": "text",
"version": "text",
"filepath": "text",
"generated_at": "2025-10-24T18:08:34.728Z",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"signed_url": "text",
"expires_in": 1,
"expires_at": "text"
}Successful Response
Validation Error
GET /workspaces/{workspace_uuid} HTTP/1.1
Host:
Accept: */*
{
"uuid": "123e4567-e89b-12d3-a456-426614174000",
"name": "text",
"icon": "text",
"default": true,
"description": "text",
"topics": "text",
"settings": {
"podcast_creation_enabled": true
},
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"role": "text",
"assets": [
{
"uuid": "123e4567-e89b-12d3-a456-426614174000",
"vendor": "text",
"product": "text",
"version": "text",
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z"
}
]
}Successful Response
Validation Error
PATCH /workspaces/{workspace_uuid} HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 174
{
"name": "text",
"icon": "text",
"description": "text",
"topics": "text",
"settings": {
"podcast_creation_enabled": true
},
"assets": [
{
"vendor": "text",
"product": "text",
"version": "text"
}
]
}{
"uuid": "123e4567-e89b-12d3-a456-426614174000",
"name": "text",
"icon": "text",
"default": true,
"description": "text",
"topics": "text",
"settings": {
"podcast_creation_enabled": true
},
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"role": "text"
}List all workspaces for the current user's tenant organization.
Successful Response
GET /workspaces HTTP/1.1
Host:
Accept: */*
Successful Response
[
{
"uuid": "123e4567-e89b-12d3-a456-426614174000",
"name": "text",
"icon": "text",
"default": true,
"description": "text",
"topics": "text",
"settings": {
"podcast_creation_enabled": true
},
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"role": "text"
}
]Successful Response
Validation Error
POST /workspaces HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 111
{
"name": "text",
"description": "text",
"icon": "text",
"topics": "text",
"settings": {
"podcast_creation_enabled": true
}
}{
"uuid": "123e4567-e89b-12d3-a456-426614174000",
"name": "text",
"icon": "text",
"default": true,
"description": "text",
"topics": "text",
"settings": {
"podcast_creation_enabled": true
},
"created_at": "2025-10-24T18:08:34.728Z",
"updated_at": "2025-10-24T18:08:34.728Z",
"role": "text"
}Last updated