Recorded Future API

Our API offers an alternative method for accessing threat intelligence data from Recorded Future. You don’t need to be able to code to use it, and this powerful threat content can be used to integrate with your existing security technologies and workflows.

Enrichment of Indicators and Observables

Intelligence via the API can deliver valuable context for indicators of compromise, malware, and vulnerabilities. You can see evidence of a specific indicator on threat lists, the dark web, or paste sites. An accompanying risk score, calculated by examining this evidence, is also available.

Correlating With Alerts and Events

By downloading risk lists of IP addresses, hashes, and vulnerabilities, you can correlate this intelligence, including current risk scores and evidence, with your internal logging and alert data. This context can be used by analysts to make faster, more accurate security decisions.

Monitoring for Risks and Threats

The API ensures that the data you call on is relevant to your security. Create your own watch list in Recorded Future's web app and use the API to monitor the entities in the list for intelligence that triggers specific risk rules or meets a particular risk score.