API Documentation

Threat Maps: Threat Actor Map for Organization

post
https://api.recordedfuture.com/threat/map//actors

Rank threat actors by risk to a specific organization in a multi-org enterprise.

Path Params
string
required

The entity ID of the organization for which to fetch the threat map. The calling user must have access to this organization.

Body Params

Threat map filters

actors
array of strings

An array of threat actor entity IDs. If used, the API response will be limited to only those threat actors whose entity IDs match those found in the array. To lookup a threat actor entity ID, use the /actor/search endpoint.

actors
categories
array of strings

An array of threat actor category entity IDs. If used, the API response will be filtered to only those threat actors whose category (e.g., Hacktivist, Financially motivated, Nation-state sponsored) matches those found in the array. Categories must be listed by their Recorded Future Entity ID, which can be found by using the /actor/categories endpoint.

categories
watchlists
array of strings

An array of client specific watch list IDs. If used, the API response will be limited to only those threat actors whose link to the threat map is via the watch lists included. To lookup a watch list ID, use the List API.

watchlists
Response

Updated about 1 month ago

Language
Credentials
LoadingLoading…
Response
Click Try It! to start a request and see the response here! Or choose an example:
application/json

Updated about 1 month ago