Use the Threat Check API for unrestricted access to our feed data and to quickly determine whether a specific indicator is present on our Indicators of Future Attack (IOFA) feeds. The API also supports DNS-based lookups, which ensures that customers can perform real-time checks without additional costs or limitations.
Benefits
With the Threat Check API, customers gain the following:
Rapid Risk Assessment: Quickly determine if an indicator is on an IOFA feed. This allows your team to promptly identify high-risk indicators and take appropriate action, such as blocking potentially dangerous traffic.
Unlimited Access: The Threat Check API is provided with unlimited usage for Enterprise customers.
High Traffic Capability: The API is engineered to handle large volumes of requests. This makes it ideal for integration into systems that require real-time look-ups under heavy load.
Simplified Integration: With a simple Boolean response, integrating the Threat Check API into your security infrastructure is straightforward. It supports both API and DNS-based lookup methods, providing flexibility in how you incorporate threat intelligence into your workflows.
Step 1: Locate your API Key
Under your User Icon, click Subscription.
Find the Threat Check API key. For security, the key is masked, but you can reveal it by selecting the icon. This key is essential for authenticating your API calls.
Step 2: Integrate the API into your Tools
Use the provided API key to perform lookups directly from your tools or security systems. The API accepts an indicator, such as an IP address, a domain, or a file hash, and returns a boolean value indicating whether it is present on an IOFA feed.
Step 3: Utilize DNS-Based Lookups
The Threat Check API also supports DNS-based lookups. This is especially useful for high-volume scenarios like filtering inbound emails or scanning network traffic.