The Edgewatch Cyber Threat Intelligence (CTI) API delivers real-time, structured, and enriched threat data directly from our global honeypot sensor network. It empowers security professionals with access to high-fidelity attacker data, malware hashes, and contextual threat intelligence enriched with MITRE ATT&CK and shared using STIX/TAXII standards. Each event represents a real attack observed on our honeypots.
Download free, ready-to-use threat intelligence feeds. For REST API usage details and endpoint specifications, visit the API Docs or consult our Knowledge Base. STIX 2.1 feeds are also available via our TAXII 2.1 server.
Loading threat activity...
Loading cumulative statistics...
Anomaly-detected threats with unusual activity spikes
This service is subject to our Terms of Use and Privacy Policy.