post
https://api.recordedfuture.com/collective-insights/search
Search previously submitted events processed in Collective Insights analysis and enriched with associated threat entities (threat actors, malware, TTPs).
This operation allows querying enriched events received from all Collective Insights sources:
- Collective Insights API (
POST /detectionsendpoint) - Recorded Future integrations and connectors, including Autonomous Threat Operations results
- Autonomous Threat Operations API
- Enterprise Sandbox submissions (if enabled in enterprise settings)
For Recorded Future entity IDs included in responses Entity Match API can be used to retrieve additional entity details.