Tag

threat intelligence API

13 articles on threat intelligence API.

SSO Vishing And SaaS Data Theft: Domain Monitoring Before The Helpdesk Call
AI & ML | Jul 13, 2026

ShinyHunters-style SSO vishing shows how fake login domains, MFA enrollment abuse, and SaaS access can become data theft. Domain monitoring gives defenders early warning.

3 min read
When Vulnerability Exploitation Overtakes Credentials: CVE Prioritization In 2026
Vulnerabilities | Jul 10, 2026

Verizon DBIR reporting highlights vulnerability exploitation as a top breach path. CVE Watch, KEV, EPSS, and exposure context help teams patch what attackers actually use.

3 min read
Agentic AI Threat Mapping: MITRE ATT&CK Needs Evidence-Rich Workflows
AI & ML | Jul 8, 2026

Anthropic mapped AI-enabled cyber activity to MITRE ATT&CK and found gaps around autonomous orchestration. SOC teams need AI summaries tied to evidence, not unsupported verdicts.

4 min read
Ransomware Revenue Is Rising: Initial Access Brokers Make Threat Intelligence Urgent
Ransomware | Jul 6, 2026

Q1 2026 ransomware revenue reporting points to a mature access market. Defenders need ransomware intelligence, domain monitoring, blocklists, and API enrichment before encryption begins.

4 min read
AMOS macOS Infostealer: ClickFix Shows Why Hash Reputation Must Cover Developer Macs
Malware | Jul 5, 2026

AMOS and related macOS infostealers are turning social engineering into credential theft. File hash reputation, URL scanning, and domain intelligence help teams respond before stolen tokens spread.

3 min read
BlueHammer Defender Exploitation: July 2026 Patch SLA For Windows Fleets
Research | Jul 4, 2026

BlueHammer coverage shows why endpoint patching, CISA KEV context, CVE Watch, and IOC enrichment have to work together when local privilege escalation becomes ransomware tradecraft.

4 min read
Arch AUR Rootkit And Infostealer Campaign: Supply Chain Defense Starts With Hash Intelligence
Supply Chain | Jun 15, 2026

The June 2026 Arch User Repository compromise shows why supply chain security needs package review, file hash reputation, developer credential protection, and fast IOC enrichment.

6 min read
Microsoft June 2026 Patch Tuesday: Turning 206 Vulnerabilities Into A SOC Priority Queue
SOC | Jun 15, 2026

Microsoft patched 206 vulnerabilities in June 2026, including publicly disclosed zero-days. Security teams need CVE Watch, KEV context, exploit evidence, and enrichment to avoid patch fatigue.

6 min read
CISA KEV Adds Cisco, Chrome, And Arista Flaws: How To Prioritize Active Exploitation
Research | Jun 15, 2026

CISA added Cisco SD-WAN, Google Chromium V8, and Arista EOS vulnerabilities to KEV in June 2026. Here is how SOC and vulnerability teams should turn that signal into action.

6 min read
Oracle PeopleSoft Zero-Day: CVE-2026-35273 Shows Why CVE Watch Needs IOC Enrichment
Vulnerabilities | Jun 15, 2026

The PeopleSoft CVE-2026-35273 exploitation reports show how vulnerability response, ransomware intelligence, IP enrichment, and incident response must work together.

6 min read
Outsider Enterprise Takedown: AI Phishing Infrastructure Is Now A Domain Reputation Problem
Phishing | Jun 15, 2026

The FBI, Google, and Black Lotus Labs disruption of Outsider Enterprise shows why AI phishing defense needs URL scanning, domain reputation checks, blocklists, and fast API enrichment.

7 min read
AI-Enabled Cyberattacks and MITRE ATT&CK: Turning New Threat Maps Into SOC Action
SOC | Jun 4, 2026

AI-enabled threats are being mapped into ATT&CK language, but mapping is only useful when it drives enrichment, detection, triage, and response workflows.

8 min read
IOC Enrichment APIs: A Security Operations Guide to Faster Triage, Fewer False Positives, and Measurable ROI
API | Apr 26, 2026

An indicator without context is a ticket without an owner. Learn how IOC enrichment APIs work, which fields SOC teams need at each tier, and how to wire them into case management without building a data swamp.

6 min read