Getting Started with CyberSecFeed API v1.5
Welcome to CyberSecFeed v1.5, your comprehensive CVE intelligence platform with enterprise features. This guide will help you make your first API call and understand our credit-based pricing system.
What is CyberSecFeed?
CyberSecFeed v1.5 provides real-time access to vulnerability intelligence with enterprise features, combining multiple authoritative sources into a single, unified API. Our platform enriches CVE data with:
- KEV (Known Exploited Vulnerabilities): Real-world exploitation status from CISA
- EPSS (Exploit Prediction Scoring System): Probability scores for exploitation likelihood
- ACSC (Australian Cyber Security Centre): Security alerts and advisories (available via
include=acscparameter) - Advanced Sorting: 8 sort options for optimized performance (
severity_desc,epss_desc, etc.) - Named Severity Levels: Fast filtering by
critical,high,medium,low - Enterprise Batch Operations: 86% cost savings with POST
/api/v1/cve/batch - Field Selection: Up to 85% payload reduction for bandwidth optimization
Prerequisites
Before you begin, you'll need:
- API Key: Required for all API requests. Subscribe at cybersecfeed.com to receive your key via email
- HTTPS Client: Any programming language or tool that can make HTTPS requests (curl, Python, etc.)
- Subscription: All endpoints require authentication (Free tier available with 1,000 monthly credits)
- Credit Understanding: Endpoints cost 0-35 credits based on computational value and intelligence provided
Your First API Call
Let's start with a simple CVE lookup. Replace your-api-key-here with your actual API key:
curl -H "X-API-Key: your-api-key-here" \
https://api.cybersecfeed.com/api/v1/cve/CVE-2024-0001
Understanding the Response
You'll receive a JSON response with the CVE details:
{
"data": {
"cve": {
"id": "CVE-2024-0001",
"published": "2024-01-15T10:00:00Z",
"modified": "2024-01-16T14:30:00Z",
"description": "...",
"cvss": {
"version": "3.1",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"kev": {
"dateAdded": "2024-01-20",
"knownRansomware": false
},
"epss": {
"score": 0.85432,
"percentile": 0.95
}
}
},
"meta": {
"timestamp": "2024-01-25T12:00:00Z",
"version": "v1",
"correlationId": "req-12345"
}
}
Getting ACSC Data
To include ACSC security alerts and advisories, add the include=acsc parameter:
curl -H "X-API-Key: your-api-key-here" \
https://api.cybersecfeed.com/api/v1/cve/CVE-2024-0001?include=acsc
This will add an acsc array to the response when relevant notices exist.
Common Use Cases
1. Search for Recent High-Severity CVEs (v1.5 Optimized - 1 credit)
Find vulnerabilities published in the last 30 days with high severity using v1.5 named severity levels:
# v1.5 optimized - faster than legacy severity_min
curl -H "X-API-Key: your-api-key-here" \
"https://api.cybersecfeed.com/api/v1/cves?severity=critical,high&published_after=2024-01-01&sort=severity_desc&limit=10"
2. Check if a CVE is Actively Exploited
Look up a specific CVE and check its KEV status:
curl -H "X-API-Key: your-api-key-here" \
https://api.cybersecfeed.com/api/v1/cve/CVE-2023-12345
Check the response for kev field - if present, the vulnerability is known to be exploited.
3. Enterprise Batch CVE Lookup (35 credits - 86% savings!)
Retrieve multiple CVEs in a single request using the v1.5 enterprise batch endpoint:
# Legacy batch via query parameters (15 credits for 3 CVEs)
curl -H "X-API-Key: your-api-key-here" \
"https://api.cybersecfeed.com/api/v1/cves?ids=CVE-2024-0001,CVE-2024-0002,CVE-2024-0003"
# v1.5 Enterprise batch with field selection (35 credits for up to 50 CVEs)
curl -X POST -H "X-API-Key: your-api-key-here" \
-H "Content-Type: application/json" \
-d '{"cve_ids":["CVE-2024-0001","CVE-2024-0002","CVE-2021-44228"],"fields":["cve_id","severity","kev","epss"]}' \
https://api.cybersecfeed.com/api/v1/cve/batch
4. Search with ACSC Alerts (v1.5 - 1 credit)
Find vulnerabilities with ACSC security notices (Australian Cyber Security Centre):
# v1.5 optimized with named severity levels
curl -H "X-API-Key: your-api-key-here" \
"https://api.cybersecfeed.com/api/v1/cves?severity=critical,high&include=acsc&sort=severity_desc&limit=10"
Note: ACSC data is only included when explicitly requested using the include=acsc parameter for performance optimization.
5. Get Detailed CVE Data (Blob Storage)
For high-value CVEs, access comprehensive details including all affected products and references:
curl -H "X-API-Key: your-api-key-here" \
https://api.cybersecfeed.com/api/v1/cve/CVE-2024-0001/detail
This endpoint provides progressive data retrieval:
Full Response (When Blob Available)
{
"status": "success",
"data": {
"cve_id": "CVE-2024-0001",
"source": "nvd",
"affected_products": {
"total_cpe_count": 15,
"configurations": [
{
"nodes": [...],
"operator": "OR"
}
]
},
"references": {
"total_reference_count": 8,
"by_type": {
"Patch": 2,
"Vendor Advisory": 3,
"Third Party Advisory": 3
},
"references": [...]
},
"metrics": {
"cvss": {
"version": "3.1",
"baseScore": 9.8,
"vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"severity": "CRITICAL"
}
}
}
Partial Response (When Blob Unavailable)
{
"status": "partial",
"message": "Full blob data not available for this CVE",
"data": {
"cve_id": "CVE-2024-0001",
"enrichment": {
"cpe_count": 15,
"reference_count": 8,
"has_kev": true,
"has_epss": true,
"cvss_score": 9.8,
"severity": "CRITICAL",
"vendor": "nvd"
}
}
}
Response Headers:
X-Blob-Status: Indicates data availability (available,partial,missing)
Vendor Parameter:
Choose enrichment source (default: nvd):
# NVD (default)
curl -H "X-API-Key: your-api-key-here" \
https://api.cybersecfeed.com/api/v1/cve/CVE-2024-0001/detail
# MITRE
curl -H "X-API-Key: your-api-key-here" \
https://api.cybersecfeed.com/api/v1/cve/CVE-2024-0001/detail?vendor=mitre
# Cisco (Enterprise only)
curl -H "X-API-Key: your-api-key-here" \
https://api.cybersecfeed.com/api/v1/cve/CVE-2024-0001/detail?vendor=cisco
Note: Detailed blob data is available for CVEs meeting these criteria:
- CVSS base score ≥7.0
- Known exploited vulnerabilities (KEV)
- More than 5 CPE configurations
- High impact or exploitable CVEs
Approximately 7% of CVEs have full blob storage available.
6. Get Platform Statistics
Check the overall coverage and data freshness:
curl -H "X-API-Key: your-api-key-here" \
https://api.cybersecfeed.com/api/v1/stats
Platform Coverage:
- Total CVEs: Comprehensive coverage of the CVE universe
- KEV entries: Known exploited vulnerabilities from CISA
- EPSS coverage: Exploit prediction scores for risk assessment
- ACSC notices: Australian Cyber Security Centre regional intelligence
Response Format
All API responses follow a consistent structure:
- data: Contains the requested information
- meta: Includes metadata like timestamp, API version, and correlation ID for troubleshooting
Credit-Based Pricing (v1.5)
Your API usage is measured in credits based on computational cost and intelligence value:
Credit Costs by Endpoint
| Endpoint | Credits | Description | Value |
|---|---|---|---|
/api/v1/ping | 0 | Health checks | Free monitoring |
/api/v1/stats | 0.5 | Platform statistics | Basic insights |
/api/v1/cves | 1 | CVE search/listing | Core functionality |
/api/v1/cves/recent | 2 | Recent monitoring | Real-time alerts |
/api/v1/cve/{id} | 5 | Single CVE details | Comprehensive data |
/api/v1/cve/batch | 35 | Up to 50 CVEs | 86% savings |
/api/v1/kev | 1 | KEV catalog | Exploitation intel |
/api/v1/usage | 0 | Usage monitoring | Free tracking |
Subscription Tiers
| Tier | Monthly Credits | Price | Rate Limit | Support Level |
|---|---|---|---|---|
| Free | 1,000 credits | Free | 5 req/minute | Community forums |
| Plus | 30,000 credits | $49/month | No limit | Email support (48h) |
| Pro | 200,000 credits | $299/month | No limit | Priority support (24h) |
| Business | 2,000,000 credits | $1,999/month | No limit | Dedicated support (4h) |
| Enterprise | Custom credits | Contact us | No limit | Custom SLA & features |
Enterprise Features
For large-scale deployments, contact us for Enterprise solutions including:
- Custom API quotas - Tailored to your specific needs
- Custom SLA agreements - Guaranteed uptime and response times
- Additional enrichment data - Proprietary threat intelligence feeds
- Private data feeds - Exclusive vulnerability intelligence
- Dedicated infrastructure - Isolated deployment options
- Custom integrations - Tailored API endpoints and formats
Monitoring Your Credit Usage
Check your current credit usage and limits using the dedicated usage endpoint (0 credits):
curl -H "X-API-Key: your-api-key-here" \
https://api.cybersecfeed.com/api/v1/usage
Response:
{
"data": {
"usage": {
"plan": "CyberSecFeed Pro",
"credits_used": 12350,
"credits_limit": 200000,
"credits_remaining": 187650,
"reset_at": "2024-02-01T00:00:00Z",
"percentage_used": 6.18
}
}
}
Important: This is the only way to check your credit usage. Credit information is not included in regular API responses to improve performance through better caching (95%+ cache hit rates).
7. Regional Intelligence: ACSC Monitoring
For organizations monitoring Australian cyber threats or requiring ACSC compliance:
# Get CVEs with ACSC security notices efficiently
curl -H "X-API-Key: your-api-key-here" \
"https://api.cybersecfeed.com/api/v1/cves?has_acsc=true&include=acsc&limit=50"
# High-priority ACSC vulnerabilities
curl -H "X-API-Key: your-api-key-here" \
"https://api.cybersecfeed.com/api/v1/cves?has_acsc=true&severity=critical&include=acsc"
Why use has_acsc=true? This parameter enables server-side filtering to return only CVEs that have ACSC notices attached, eliminating the need to search through the entire CVE database. Much more efficient for ACSC-focused workflows.
Next Steps
Now that you've made your first API call, explore:
- API Reference - Complete endpoint documentation
- Data Enrichment Guide - Understanding KEV, EPSS, and ACSC data
- Authentication Guide - API key best practices
- Integration Examples - Code samples in multiple languages
Need Help?
- Check our Troubleshooting Guide for common issues
- Review the API Reference for detailed parameter documentation
- Contact support based on your subscription tier:
- Community: Access community forums
- Email/Priority: Contact support through your account dashboard
- Dedicated: Direct access to your dedicated support team