Skip to main content

Introduction to CyberSecFeed

Welcome to CyberSecFeed API v1.5, the enterprise vulnerability intelligence platform that provides complete CVE universe coverage with advanced sorting, named severity levels, and cost-efficient batch operations.

What is CyberSecFeed?

CyberSecFeed is a unified API platform that aggregates and enriches vulnerability data from multiple authoritative sources:

  • NVD (National Vulnerability Database): The primary source for CVE information
  • MITRE: Additional CVE coverage and updates
  • CISA KEV: Real-world exploitation status
  • EPSS: Predictive exploitation probability
  • ACSC: Regional threat intelligence and advisories

Why CyberSecFeed v1.5?

Complete Coverage

  • Comprehensive coverage of published CVEs (304,050+ CVEs, 98.17% universe coverage)
  • Hourly updates with smart skip logic for bandwidth optimization
  • Historical data from 1999 to present with MITRE integration

v1.5 Enterprise Features

  • Advanced Sorting: 8 sort options with optimized performance (severity_desc, epss_desc, etc.)
  • Named Severity Levels: Fast filtering by critical, high, medium, low
  • Enhanced Exploit Detection: Built-in exploit filtering without requiring enrichment
  • Enterprise Batch Endpoint: 86% cost savings with POST /api/v1/cve/batch
  • Field Selection: Up to 85% payload reduction for optimized bandwidth

Enriched Intelligence

  • Know which vulnerabilities are actively exploited (KEV)
  • Predict future exploitation (EPSS scores)
  • Regional threat context (ACSC advisories)
  • MITRE ATT&CK technique mappings
  • Enhanced exploitation intelligence with multi-source detection

Enterprise Ready

  • Credit-Based Pricing: Transparent, value-based pricing (0-35 credits per endpoint)
  • No Rate Limits: Unlimited speed on paid plans for maximum throughput
  • Enterprise-grade uptime SLA (99.99% available)
  • Sub-second response times with 95%+ cache hit rates
  • Four-tier support structure (Community/Email/Priority/Dedicated)
  • Stripe-powered subscription management

Who Uses CyberSecFeed v1.5?

  • Security Teams: Vulnerability management with advanced sorting and named severity levels
  • DevSecOps: CI/CD integration with enterprise batch operations (86% cost savings)
  • Compliance Teams: Audit reporting with field selection and credit-efficient queries
  • Threat Intelligence: Risk assessment with enhanced exploit detection and ATT&CK mappings
  • Enterprise Organizations: High-volume operations with unlimited speed and batch processing

Getting Started Path

  1. Quick Start - Make your first API call in 5 minutes
  2. Authentication - Set up your API key securely
  3. First API Call - Understand request/response structure

Key Concepts

CVE (Common Vulnerabilities and Exposures)

Standardized identifiers for publicly known security vulnerabilities.

CVSS (Common Vulnerability Scoring System)

Technical severity scoring from 0.0 to 10.0, with v1.5 named levels: critical, high, medium, low.

KEV (Known Exploited Vulnerabilities)

CISA's catalog of vulnerabilities with confirmed exploitation.

EPSS (Exploit Prediction Scoring System)

Machine learning model predicting exploitation probability (0.0-1.0).

ACSC (Australian Cyber Security Centre)

Regional security alerts and advisories (parameter-controlled with include=acsc).

Credits (v1.5)

Value-based pricing units: 0-35 credits per endpoint based on computational cost and intelligence value.

Enterprise Batch Operations (v1.5)

POST /api/v1/cve/batch endpoint offering 86% cost savings for bulk CVE processing (1-50 CVEs).

Next Steps

Ready to integrate CyberSecFeed v1.5 into your security operations?