Attack Surface Intelligence API introduction

With Attack Surface Intelligence, directly query the data lake that powers our Ratings platform, so that you can:

  • Track how assets around the world, or in your own organization, are connected to threat actors, ransomware attacks, and other malware campaigns.
  • Find out which CVEs on your assets, or the assets of your third parties are being actively exploited on the internet.
  • Learn about breaches; leaked personal information; assets with malicious reputation; MITRE ATT&CK adversary tactics, techniques, and procedures (TTPs); and more.

Use this reference to call all the endpoints that are available in the Attack Surface Intelligence API.

Use additional tools and guidance

  • See our Knowledge Base article to get:

    • An overview of you can do with Attack Surface Intelligence API
    • General guidance on how to use the API, including best practices
    • More context about the endpoints
  • Use our Jupyter notebooks to help you analyze and visualize of the data that you can query for with the API. These notebooks provide an interactive and flexible environment that allows you to integrate various programming languages, such as Python, R, and Julia.

    You can easily access and manipulate large datasets and perform complex analyses to uncover patterns and identify potential threats quickly.

    Install the notebooks from our GitHub repo or run them directly from your web browser.

  • Watch this webinar in which SecurityScorecard’s Threat Research Intelligence, Knowledge, and Engagement (STRIKE) team conduct live threat investigations using Attack Surface Intelligence (ASI).

NOTE: Do not call endpoints that are not documented in this reference. They are not designed or supported for public use. SecurityScorecard may stop requests to undocumented endpoints to prevent performance problems that these requests may cause. Contact Support with any questions. Contact <a href=">Support with any questions.