The Silent Push API suite delivers powerful threat intelligence integration capabilities directly into your security tools and workflows. It provides access to reputational scoring, behavioral indicators, real-time lookups, and rich contextual data across domains, IPs, URLs, and more.
Full Interactive API Documentation:
Log in to your Silent Push account to explore all available endpoints, authentication details, request/response examples, and live testing tools.
API Capabilities
The Silent Push platform offers a robust set of APIs designed for different integration needs:
Main API Sections
Enrich
This section contains all endpoints related to threat intelligence enrichment for domains, IPv4 addresses, and IPv6 addresses. These are foundational capabilities used across most integrations.
Key endpoints include single and bulk enrichment for domains, IPv4s, and IPv6s, plus specialized lookups such as IP diversity analysis.
Export
Endpoints for downloading generated exports in various formats (CSV, JSON, TXT, RPZ, STIX, etc.).
Feeds
Complete CRUD operations for managing custom threat intelligence feeds, including creation, updates, enrichment, and deletion.
Feed Indicators
Manage individual indicators (IOCs) within feeds — add, update, delete, tag, and bulk operations.
Feed Tags
Organize and manage tags used for categorizing indicators within feeds.
Live Scan
Monitor and retrieve results from real-time and recent live scans across the platform.
SPQL Search
Execute powerful, flexible searches using Silent Push Query Language (SPQL) across threat data sources.
Threat Check
Real-time threat validation endpoints (single and bulk) that return reputation and risk signals for IPs, domains, and hostnames.
TLP Reports
Browse and retrieve structured Traffic Light Protocol (TLP) threat intelligence reports.
Users & Quota
Endpoints to retrieve user profiles, organization quota information, and current API usage limits.
Traffic Origin
Geolocation lookup capabilities for enriching user/device sessions with accurate location data.
All endpoints require a valid API key obtained from your Silent Push Organization settings. Detailed specifications, authentication instructions, rate limits, and integration examples are available in the full documentation.
Need assistance? Contact Silent Push support for help with implementation or integration questions.