Getting Started with CyberSecFeed API
Welcome to CyberSecFeed, your comprehensive CVE intelligence platform. This guide will help you make your first API call and understand the basics of integrating with our service.
What is CyberSecFeed?
CyberSecFeed provides real-time access to vulnerability intelligence, combining multiple authoritative sources into a single, unified API. Our platform enriches CVE data with:
- KEV (Known Exploited Vulnerabilities): Real-world exploitation status from CISA
- EPSS (Exploit Prediction Scoring System): Probability scores for exploitation likelihood
- ACSC (Australian Cyber Security Centre): Security alerts and advisories (available via
include=acscparameter)
Prerequisites
Before you begin, you'll need:
- API Key: Required for all API requests. Subscribe at https://cybersecfeed.com/pricing to receive your key via email
- HTTPS Client: Any programming language or tool that can make HTTPS requests (curl, Python, etc.)
- Subscription: All endpoints require authentication (Free tier available with 1,000 monthly requests)
Your First API Call
Let's start with a simple CVE lookup. Replace your-api-key-here with your actual API key:
curl -H "X-API-Key: your-api-key-here" \
https://api.cybersecfeed.com/api/v1/cve/CVE-2024-0001
Understanding the Response
You'll receive a JSON response with the CVE details:
{
"data": {
"cve": {
"id": "CVE-2024-0001",
"published": "2024-01-15T10:00:00Z",
"modified": "2024-01-16T14:30:00Z",
"description": "...",
"cvss": {
"version": "3.1",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"kev": {
"dateAdded": "2024-01-20",
"knownRansomware": false
},
"epss": {
"score": 0.85432,
"percentile": 0.95
}
}
},
"meta": {
"timestamp": "2024-01-25T12:00:00Z",
"version": "v1",
"correlationId": "req-12345"
}
}
Getting ACSC Data
To include ACSC security alerts and advisories, add the include=acsc parameter:
curl -H "X-API-Key: your-api-key-here" \
https://api.cybersecfeed.com/api/v1/cve/CVE-2024-0001?include=acsc
This will add an acsc array to the response when relevant notices exist.
Common Use Cases
1. Search for Recent High-Severity CVEs
Find vulnerabilities published in the last 30 days with high severity:
curl -H "X-API-Key: your-api-key-here" \
"https://api.cybersecfeed.com/api/v1/cves?severity_min=7.0&published_after=2024-01-01&limit=10"
2. Check if a CVE is Actively Exploited
Look up a specific CVE and check its KEV status:
curl -H "X-API-Key: your-api-key-here" \
https://api.cybersecfeed.com/api/v1/cve/CVE-2023-12345
Check the response for kev field - if present, the vulnerability is known to be exploited.
3. Batch CVE Lookup
Retrieve multiple CVEs in a single request:
curl -H "X-API-Key: your-api-key-here" \
"https://api.cybersecfeed.com/api/v1/cves?ids=CVE-2024-0001,CVE-2024-0002,CVE-2024-0003"
4. Search with ACSC Alerts
Find vulnerabilities with ACSC security notices (Australian Cyber Security Centre):
curl -H "X-API-Key: your-api-key-here" \
"https://api.cybersecfeed.com/api/v1/cves?severity_min=7.0&include=acsc&limit=10"
Note: ACSC data is only included when explicitly requested using the include=acsc parameter for performance optimization.
5. Get Platform Statistics
Check the overall coverage and data freshness:
curl -H "X-API-Key: your-api-key-here" \
https://api.cybersecfeed.com/api/v1/stats
Platform Coverage:
- Total CVEs: Comprehensive coverage of the CVE universe
- KEV entries: Known exploited vulnerabilities from CISA
- EPSS coverage: Exploit prediction scores for risk assessment
- ACSC notices: Australian Cyber Security Centre regional intelligence
Response Format
All API responses follow a consistent structure:
- data: Contains the requested information
- meta: Includes metadata like timestamp, API version, and correlation ID for troubleshooting
API Quotas
Your API usage is limited by monthly quotas based on your subscription tier:
| Tier | Monthly Quota | Price | Rate Limit | Support Level |
|---|---|---|---|---|
| Free | 1,000 calls | Free | 5 req/minute | Community forums |
| Plus | 30,000 calls | $49/month | No limit | Email support (24h) |
| Pro | 200,000 calls | $299/month | No limit | Priority support (8h) |
| Business | 2,000,000 calls | $1,999/month | No limit | Dedicated support |
| Enterprise | Custom quotas | Contact us | No limit | Custom SLA & features |
Enterprise Features
For large-scale deployments, contact us for Enterprise solutions including:
- Custom API quotas - Tailored to your specific needs
- Custom SLA agreements - Guaranteed uptime and response times
- Additional enrichment data - Proprietary threat intelligence feeds
- Private data feeds - Exclusive vulnerability intelligence
- Dedicated infrastructure - Isolated deployment options
- Custom integrations - Tailored API endpoints and formats
Monitoring Your Usage
Check your current usage and quota limits using the dedicated usage endpoint:
curl -H "X-API-Key: your-api-key-here" \
https://api.cybersecfeed.com/api/v1/usage
Important: This is the only way to check your quota usage. Quota information is not included in regular API responses to improve performance through better caching. This enables high cache hit rates and near-zero latency for cached responses.
Next Steps
Now that you've made your first API call, explore:
- API Reference - Complete endpoint documentation
- Data Enrichment Guide - Understanding KEV, EPSS, and ACSC data
- Authentication Guide - API key best practices
- Integration Examples - Code samples in multiple languages
Need Help?
- Check our Troubleshooting Guide for common issues
- Review the API Reference for detailed parameter documentation
- Contact support based on your subscription tier:
- Community: Access community forums
- Email/Priority: Contact support through your account dashboard
- Dedicated: Direct access to your dedicated support team