Jump to Content
API Documentation
Changelog
API Documentation
Search
API Documentation
STIX TAXII: 2.1 Service
All
Pages
Start typing to search…
JUMP TO
Getting Started
Recorded Future API Overview
API Entitlements
LLM Instructions
Alerts
Classic Alerts
Alerts: Get by ID
get
Alerts: Get Hits
get
Alerts: Get Image
get
Alerts: Search
get
Alerts: Search Rules
get
Alerts: Update
post
Search & Management
Playbook Alerts: Search
post
Playbook Alerts: Preview
get
Playbook Alerts: Update
put
Playbook Alerts: Available Assignees
post
Playbook Alerts: Metadata
get
Domain Abuse
Playbook Alerts: Domain Abuse Detail
post
Playbook Alerts: Domain Abuse Bulk
post
Playbook Alerts: Domain Abuse Image
get
Vulnerability
Playbook Alerts: Vulnerability Detail
post
Playbook Alerts: Vulnerability Bulk
post
Data Leakage on Code Repository
Playbook Alerts: Code Repo Leakage Detail
post
Playbook Alerts: Code Repo Leakage Bulk
post
Third Party Risk
Playbook Alerts: Third Party Risk Detail
post
Playbook Alerts: Third Party Risk Bulk
post
Identity Novel Exposures
Playbook Alerts: Identity Exposures Detail
post
Playbook Alerts: Identity Exposures Bulk
post
Geopolitics Facility
Playbook Alerts: Geopolitics Facility Bulk
post
Playbook Alerts: Geopolitics Facility Detail
post
Playbook Alerts: Geopolitics Facility Image
get
Malware Intelligence
Playbook Alerts: Malware Report Detail
post
Playbook Alerts: Malware Report Bulk
post
Payment Card Fraud
Playbook Alerts: Bank Checks Detail
post
Playbook Alerts: Bank Checks Bulk
post
Playbook Alerts: Bank Checks Image
get
Cases
Cases: Create
post
Cases: Delete
del
Cases: Delete Multiple
del
Cases: Lookup Multiple
post
Cases: Lookup
get
Cases: Search
post
Cases: Update
put
Cases: Eligible Assignees
post
Analyst Notes
Configuration
Analyst Notes: Available Topics
Analyst Notes: Note Attributes
Analyst Notes: Serialization Options
Search & Lookup
Analyst Notes: Search
post
Analyst Notes: Lookup
post
Analyst Notes: Attachment
get
Analyst Notes: Export
get
Publishing
Analyst Notes: Draft
post
Analyst Notes: Preview
post
Analyst Notes: Publish
post
Analyst Notes: Delete
del
Attack Surface Intelligence
Project
ASI Projects: List
get
Assets
ASI Assets: Search
post
ASI Assets: Find
get
ASI Assets: Read
get
ASI Assets: List Exposures
get
ASI Assets: Get Filters
get
ASI Assets: Apply Tag
put
ASI Assets: Remove Tag
del
ASI Assets: Bulk Add/Remove Tags
post
ASI Assets: Get Filtered Filters
post
Tagging
ASI Tagging: Get Tags
get
ASI Tagging: Get Task Status
get
ASI Tagging: Bulk Tag Assets
post
ASI Tagging: Add Tag
post
Exposures
ASI Exposures: List
get
ASI Exposures: Get Assets
get
Rules
ASI Rules: Get Static Assets
get
ASI Rules: Add Static Assets
post
Autonomous Threat Operations
Intelligence Sources
Custom Sources: List
get
Custom Sources: Create
post
Custom Sources: Get
get
Custom Sources: Update
put
Custom Sources: Publish Reports
post
Threat Hunting
Threat Hunting: Get Pending Jobs
get
Threat Hunting: Get Job Indicators
post
Threat Hunting: Get Job Rules
post
Threat Hunting: Update Job Status
post
Threat Hunting: Query Profiles
post
Threat Detection
Threat Detection: Query Profiles
post
Threat Detection: Get Profile Indicators
post
Threat Detection: Get Profile Rules
post
Threat Prevention
Threat Prevention: Query Profiles
post
Threat Prevention: Get Profile Indicators
post
Threat Prevention: Get Profile Rules
post
Collective Insights
Collective Insights: Overview
Detections
Collective Insights: Submit Detections
post
Search
Collective Insights: Search
post
Detection Rules
Search & Associations
Detection Rules: Search
post
Detection Rules: Associated Entities
get
Detection Rules: Associated Entity Types
get
Enrichment and Risk Lists
Enrichment: Field Attributes
Company
Company: Search
get
Company: Lookup
get
Company: Lookup by Domain
get
Company: List Risk Rules
get
Domain
Domain: Search
get
Domain: Lookup
get
Domain: List Risk Rules
get
Domain: Download Risk List
get
Domain: Stat Risk List
head
Domain: Lookup Extension
get
Domain: Demo Events
get
Hash
Hash: Search
get
Hash: Lookup
get
Hash: List Risk Rules
get
Hash: Download Risk List
get
Hash: Stat Risk List
head
Hash: Lookup Extension
get
Hash: Demo Events
get
IP
IP Address: Search
get
IP Address: Lookup
get
IP Address: List Risk Rules
get
IP Address: Download Risk List
get
IP Address: Stat Risk List
head
IP Address: Lookup Extension
get
IP Address: Demo Events
get
Malware
Malware: Search
get
Malware: Lookup
get
Malware: Lookup Extension
get
URL
URL: Search
get
URL: Lookup
get
URL: List Risk Rules
get
URL: Download Risk List
get
URL: Stat Risk List
head
URL: Lookup Extension
get
URL: Demo Events
get
Vulnerability
Vulnerability: Search
get
Vulnerability: Lookup
get
Vulnerability: List Risk Rules
get
Vulnerability: Download Risk List
get
Vulnerability: Stat Risk List
head
Vulnerability: Lookup Extension
get
Vulnerability: Demo Events
get
Entity Match
Matching & Lookup
Entity: Match
post
Entity: Lookup
get
Available Entity Types
Fusion
File Operations
Fusion Files: Get
get
Fusion Files: Upload
post
Fusion Files: Delete
del
Directory & Metadata
Fusion Files: List Directory
get
Fusion Files: Stat
head
Identity Intelligence
Detections
Identity: Detections
post
Credentials
Identity: Search
post
Identity: Lookup
post
Identity: Password Lookup
post
Identity: Hostname Lookup
post
Identity: IP Lookup
post
Identity: Incident Report
post
Identity: Dump Metadata Search
post
Links
Search & Metadata
Links: Search
post
Links: Metadata Events
get
Links: Metadata Entities
get
Links: Metadata Sections
get
Lists
List Management
Lists: Create
post
Lists: Search
post
Lists: Get Info
get
Lists: Get Status
get
Entity Operations
Lists: Get Entities
get
Lists: Add Entity
post
Lists: Remove Entity
post
Lists: Get Text Entries
get
Third Parties Watch List Tags
Lists: Get Entities with Tags
get
Lists: Replace Entity Tags
post
Lists: Available Tags
Malware Intelligence
Queries and Reporting
Malware Intelligence: Query
post
Malware Intelligence: Query Natural Language
post
Malware Intelligence: Query by IOCs
post
Malware Intelligence: Get Sandbox Reports
post
Auto YARA
Auto YARA: Create Job
post
Auto YARA: List Jobs
get
Auto YARA: Edit Job
post
Auto YARA: Get Job
get
Auto YARA: Delete Job
del
Auto YARA: Retry Job
post
Auto Sigma
Auto Sigma: Create Job
post
Auto Sigma: List Jobs
post
Auto Sigma: Get Job
get
Auto Sigma: Delete Job
del
Auto Sigma: Update Job
post
Auto Sigma: Retry Job
post
Payment Fraud Intelligence
Data Retrieval
PFI: Pickup Data
post
Images
PFI: Bank Account Images
put
PFI: Check Images
put
Scanning Queue
PFI: Add Scan Domains
post
PFI: Clear Scan Queue
post
Bulk Data Requests
PFI: Bank Account Data
put
PFI: Full Card Data
put
PFI: Partial Card Data
put
PFI: Sold Partial Card Data
put
PFI: Check Data
put
PFI: CPP Merchant Data
put
PFI: Magecart Domain Data
put
PFI: Magecart Merchant Data
put
PFI: Magescanner Scan Data
put
PFI: Tester Merchant Data
put
Task Management
PFI: List Tasks
get
PFI: Delete Task
del
PFI: Task Status
get
Risk
Company Risk Rules
Company: Get Active Risk Rule
post
Risk History
Risk: Search Risk History
post
Sandbox
Environment
Sandbox: List Geolocations
get
Sandbox: List Resources
get
Profiles
Sandbox: List Profiles
get
Sandbox: Create Profile
post
Sandbox: Get Profile
get
Sandbox: Update Profile
put
Sandbox: Delete Profile
del
Submissions
Sandbox: List Samples
get
Sandbox: Submit Sample
post
Sandbox: Get Sample
get
Sandbox: Search
get
Sandbox: Delete Sample
del
Sandbox: Select Profile
post
Streaming
Sandbox: Stream All Events
get
Sandbox: Stream Sample Events
get
Reports
Sandbox: Get Static Report
get
Sandbox: Get Dynamic Report
get
Sandbox: Get Sample Overview
get
Sandbox: Get Sample Summary
get
Sandbox: Get URL Scan Report
get
Sandbox: Get URL Scan Screenshot
get
Downloads
Sandbox: Download Sample
get
Sandbox: Download Archive (TAR)
get
Sandbox: Download Archive (ZIP)
get
Task Artifacts
Sandbox: Download Task File
get
Sandbox: Get Task Logs
get
Sandbox: Download PCAP
get
Sandbox: Download PCAPNG
get
YARA Rules
Sandbox: List YARA Rules
get
Sandbox: Create YARA Rule
post
Sandbox: Get YARA Rule
get
Sandbox: Update YARA Rule
put
Sandbox: Delete YARA Rule
del
SOAR
Enrichment & Triage
SOAR: Enrich
post
SOAR: Get Contexts
get
SOAR: Triage Batch
post
STIX TAXII Feeds
STIX TAXII: Overview
STIX TAXII: 1.x Service
STIX TAXII: 2.1 Service
STIX TAXII: Collections
Takedowns
Takedown API
Threat Maps
All Maps
Threat Maps: Available Maps
get
Actors Threat Map
Threat Maps: Threat Actor Map
post
Threat Maps: Threat Actor Map for Organization
post
Threat Maps: Threat Actor Search
post
Threat Maps: Threat Actor Categories
get
Malware Threat Map
Threat Maps: Malware Map
post
Threat Maps: Malware Map for Organization
post
Threat Maps: Malware Categories
get
Powered by
STIX TAXII: 2.1 Service
Ask AI
