- Inside of threat-DB user one of the open souce APIs and fetch threats.
Investigations APIs The Investigations Application Programming Interfaces (APIs) let you build, delete, modify, or list the Investigation objects in USM Central. You can also use the APIs to download attachments, add evidence, or create notes for the Investigation object.
The Investigations APIs are based on the Representational State Transfer (REST) architecture standard. You must access the APIs using Hypertext Transfer Protocol Secure (HTTPS) on port 443. This document explains how to access the endpoints, how to construct your requests, and what errors you may receive.
Authentication The Investigations APIs implements Open Authorization (OAuth) 2.0 for endpoint protection, which provides token-based authentication and authorization over HTTPS. To generate the token, you must first obtain the following items:
URL of your USM Central instance
This URL is in the form of https://{usm-central-subdomain}.alienvault.cloud. The {usm-central-subdomain} portion identifies your USM Central instance.
Email and password of an active user on the USM Central instance
Important: This user must have the Manager role. You can use an existing user or create a new user dedicated to accessing the Investigations APIs.
With both information at hand, you can construct an authentication request like this: