The Edgewatch Cyber Threat Intelligence (CTI) API delivers real-time, structured, and enriched threat data directly from our global honeypot sensor network. It empowers security professionals with access to high-fidelity indicators of compromise (IOCs), attacker profiling, malware hashes, and contextual threat intelligence enriched with MITRE ATT&CK and shared using STIX/TAXII standards.
Download free, ready-to-use threat intelligence feeds.
For REST API usage details and endpoint specifications, please visit the API Docs or consult our Knowledge Base. STIX 2.1 feeds are also available via our TAXII 2.1 server.
This service is governed by our Terms of Use and Privacy Policy.