Enterprise Performance Optimization Guide
This guide provides comprehensive strategies to optimize your CyberSecFeed API v1.5 integration for maximum performance, minimal bandwidth usage, and efficient credit consumption with enterprise-grade features.
Performance Overview
The CyberSecFeed API v1.5 delivers enterprise-grade performance with advanced optimization layers:
- Edge Caching: 95%+ cache hit rates with Cloudflare CDN
- Enterprise Batch Operations: 86% cost savings with POST
/api/v1/cve/batch - Advanced Field Selection: Up to 85% payload reduction
- Smart Sorting: 8 sort options for optimized queries
- Exploit Filtering: Targeted vulnerability detection
- ETag Support: Efficient client-side caching
- Credit Optimization: Transparent, value-based pricing
Enterprise Performance Metrics (v1.5)
| Operation | P95 Response Time | Cache Hit Rate | Credits | Payload Size | Optimization |
|---|---|---|---|---|---|
| CVE Detail (basic) | <150ms | 95% | 5 | ~2KB | Standard |
| CVE Detail + Field Selection | <100ms | 95% | 5 | ~0.3KB (85% ↓) | Optimized |
| Enterprise Batch (50 CVEs) | <500ms | 85% | 35 | ~50KB | 86% savings |
| CVE Search + Sorting | <400ms | 90% | 1 | ~15KB (20 results) | Advanced |
| Exploit Filtering | <300ms | 90% | 1 | ~10KB | Targeted |
| KEV Catalog | <200ms | 95% | 1 | ~40KB | Standard |
1. Enterprise Feature Optimization (v1.5)
Advanced Field Selection - 85% Payload Reduction
The most impactful v1.5 optimization is field selection combined with intelligent data loading:
# ❌ Inefficient - full payload (5 credits)
def get_full_cve(cve_id):
response = requests.get(
f"https://api.cybersecfeed.com/api/v1/cve/{cve_id}",
headers=headers
)
return response.json() # ~2KB payload
# ✅ Optimized - field selection (same 5 credits, 85% less data)
def get_essential_data(cve_id):
response = requests.get(
f"https://api.cybersecfeed.com/api/v1/cve/{cve_id}",
params={'fields': 'cve_id,severity,kev,epss'},
headers=headers
)
return response.json() # ~0.3KB payload (85% reduction!)
# ✅ Enterprise - field selection + targeted enrichment
def get_enterprise_data(cve_id, use_case='risk_assessment'):
field_configs = {
'risk_assessment': 'cve_id,severity,kev,epss',
'compliance': 'cve_id,published,severity,kev',
'threat_hunting': 'cve_id,severity,kev,epss,enrichment_status'
}
params = {'fields': field_configs[use_case]}
if use_case == 'threat_hunting':
params['include'] = 'enrichment,attack'
response = requests.get(
f"https://api.cybersecfeed.com/api/v1/cve/{cve_id}",
params=params,
headers=headers
)
return response.json()
Advanced Sorting for Performance
v1.5 introduces 8 sort options for optimized data retrieval:
# ✅ Performance-optimized CVE searches
def get_critical_vulns_optimized():
response = requests.get(
"https://api.cybersecfeed.com/api/v1/cves",
params={
'severity': 'critical', # Named severity filtering
'sort': 'severity_desc', # Sort by severity (fastest)
'fields': 'cve_id,severity,kev', # Essential fields only
'limit': 20
},
headers=headers
)
return response.json()
# ✅ EPSS-based prioritization
def get_high_probability_exploits():
response = requests.get(
"https://api.cybersecfeed.com/api/v1/cves",
params={
'exploit': 'true', # Exploit filtering (v1.5)
'sort': 'epss_desc', # Sort by EPSS score
'fields': 'cve_id,severity,epss,kev',
'limit': 50
},
headers=headers
)
return response.json()
v1.5 Performance Impact Matrix
| Configuration | Response Time | Payload Size | Credits | Efficiency Gain |
|---|---|---|---|---|
| Field Selection Only | Fastest | 85% ↓ | 5 | Maximum |
| Default (no params) | Standard | Baseline | 5 | Good |
| Field Selection + Enrichment | +20% | 60% ↓ | 5 | Excellent |
| Field Selection + Full Intelligence | +30% | 40% ↓ | 5 | Premium |
| Enterprise Batch (50 CVEs) | Single Req | Bulk Opt | 35 | 86% savings |
Sort Performance Characteristics
| Sort Option | Use Case | Performance | Index Optimization |
|---|---|---|---|
severity_desc | Critical vulnerability monitoring | Fastest | Primary index |
published_desc | Recent vulnerability tracking | Fast | Time-based index |
epss_desc | Exploitation prioritization | Fast | EPSS index |
modified_desc | Change monitoring | Fast | Modified index |
2. Advanced Field Selection (v1.5)
Field selection is the most powerful performance optimization in v1.5, reducing payload size by up to 85%:
# ❌ Inefficient - full response (2KB payload)
def get_full_cve(cve_id):
response = requests.get(
f"https://api.cybersecfeed.com/api/v1/cve/{cve_id}",
headers=headers
)
return response.json()
# ✅ v1.5 Optimized - field selection (0.3KB payload, 85% reduction)
def get_risk_essentials(cve_id):
response = requests.get(
f"https://api.cybersecfeed.com/api/v1/cve/{cve_id}",
params={'fields': 'cve_id,severity,kev,epss'},
headers=headers
)
return response.json()
# ✅ Enterprise - field selection + comprehensive intelligence
def get_enterprise_intelligence(cve_id):
response = requests.get(
f"https://api.cybersecfeed.com/api/v1/cve/{cve_id}",
params={
'fields': 'cve_id,published,severity,kev,epss,enrichment_status',
'include': 'enrichment,attack' # Full threat intelligence
},
headers=headers
)
return response.json() # Optimized payload with complete data
v1.5 Field Selection Presets
# Enterprise field selection patterns for maximum efficiency
V15_FIELD_PRESETS = {
'ultra_minimal': 'cve_id,severity', # 90% payload reduction
'risk_scoring': 'cve_id,severity,kev,epss', # Risk assessment essentials
'dashboard': 'cve_id,published,severity,status,kev', # Executive dashboards
'compliance': 'cve_id,published,severity,kev,source_tag', # Audit reporting
'threat_hunting': 'cve_id,severity,kev,epss,enrichment_status', # SOC operations
'enterprise_full': 'cve_id,published,modified,severity,status,kev,epss,enrichment_status' # Complete context
}
class OptimizedCVEClient:
def __init__(self, api_key):
self.api_key = api_key
self.headers = {'X-API-Key': api_key}
def get_cve_optimized(self, cve_id, preset='risk_scoring', include_intel=False):
"""Get CVE with optimized field selection"""
params = {'fields': V15_FIELD_PRESETS[preset]}
# Add intelligence based on use case
if include_intel:
if preset == 'threat_hunting':
params['include'] = 'enrichment,attack' # Full threat context
elif preset == 'compliance':
params['include'] = 'acsc' # Regional compliance
response = requests.get(
f"https://api.cybersecfeed.com/api/v1/cve/{cve_id}",
params=params,
headers=self.headers
)
return response.json()
3. Enterprise Batch Operations - 86% Cost Savings
The enterprise batch endpoint is the most significant performance improvement in v1.5:
import requests
def enterprise_batch_optimized(cve_ids, api_key, optimization_level='standard'):
"""Enterprise batch with optimization levels"""
url = "https://api.cybersecfeed.com/api/v1/cve/batch"
headers = {
'X-API-Key': api_key,
'Content-Type': 'application/json'
}
# Optimization configurations
configs = {
'ultra_fast': {
'fields': ['cve_id', 'severity'], # 90% payload reduction
'include': None
},
'standard': {
'fields': ['cve_id', 'severity', 'kev', 'epss'], # 85% reduction
'include': 'enrichment'
},
'comprehensive': {
'fields': ['cve_id', 'published', 'severity', 'kev', 'epss', 'enrichment_status'],
'include': 'enrichment,attack' # Full threat intelligence
}
}
payload = {
'cve_ids': cve_ids[:50], # Maximum 50 per batch
**configs[optimization_level]
}
response = requests.post(url, json=payload, headers=headers)
return response.json()
# Cost comparison examples
def demonstrate_batch_savings():
cve_list = [f"CVE-2024-{str(i).zfill(4)}" for i in range(1, 51)]
print("Cost Comparison:")
print(f"Individual calls: {len(cve_list)} × 5 = {len(cve_list) * 5} credits")
print(f"Enterprise batch: 35 credits (flat rate)")
print(f"Savings: {((len(cve_list) * 5 - 35) / (len(cve_list) * 5)) * 100:.1f}%")
# Ultra-fast batch processing
result = enterprise_batch_optimized(cve_list, api_key, 'ultra_fast')
print(f"Processed {len(result['data']['cves'])} CVEs with maximum efficiency")
return result
Batch Performance Optimization
def process_large_dataset_optimized(all_cve_ids, api_key):
"""Process thousands of CVEs with enterprise efficiency"""
batch_size = 50
all_results = []
total_credits = 0
# Calculate enterprise efficiency
num_batches = (len(all_cve_ids) + batch_size - 1) // batch_size
enterprise_credits = num_batches * 35
individual_credits = len(all_cve_ids) * 5
savings_percent = ((individual_credits - enterprise_credits) / individual_credits) * 100
print(f"Enterprise Processing: {len(all_cve_ids)} CVEs")
print(f"Batches: {num_batches} × 35 credits = {enterprise_credits} credits")
print(f"vs Individual: {len(all_cve_ids)} × 5 credits = {individual_credits} credits")
print(f"Cost Savings: {savings_percent:.1f}%")
# Process in optimized batches
for i in range(0, len(all_cve_ids), batch_size):
batch = all_cve_ids[i:i + batch_size]
# Use enterprise batch with field optimization
result = enterprise_batch_optimized(batch, api_key, 'standard')
if result.get('data', {}).get('cves'):
batch_cves = list(result['data']['cves'].values())
all_results.extend(batch_cves)
total_credits += 35
print(f"\nCompleted: {len(all_results)} CVEs, {total_credits} credits used")
print(f"Efficiency: {len(all_results)/total_credits:.1f} CVEs per credit")
return all_results
# Example: Process 1000 CVEs efficiently
large_dataset = [f"CVE-2024-{str(i).zfill(4)}" for i in range(1, 1001)]
results = process_large_dataset_optimized(large_dataset, api_key)
# Result: 86% cost savings + 98% fewer HTTP requests
4. Intelligent Caching Strategies
ETag-Based Caching
Implement proper ETag support for maximum cache efficiency:
import hashlib
class OptimizedCyberSecFeedClient:
def __init__(self, api_key):
self.api_key = api_key
self.etag_cache = {}
self.session = requests.Session()
self.session.headers.update({'X-API-Key': api_key})
def get_cve_cached(self, cve_id, params=None):
"""Get CVE with ETag caching support"""
url = f"https://api.cybersecfeed.com/api/v1/cve/{cve_id}"
cache_key = self._make_cache_key(url, params)
headers = {}
if cache_key in self.etag_cache:
headers['If-None-Match'] = self.etag_cache[cache_key]['etag']
response = self.session.get(url, params=params, headers=headers)
if response.status_code == 304:
# Cache hit - return cached data
return self.etag_cache[cache_key]['data']
elif response.status_code == 200:
# Cache miss - store new data
data = response.json()
if 'etag' in response.headers:
self.etag_cache[cache_key] = {
'etag': response.headers['etag'],
'data': data
}
return data
else:
response.raise_for_status()
def _make_cache_key(self, url, params):
"""Create cache key from URL and parameters"""
if params:
param_str = '&'.join(f"{k}={v}" for k, v in sorted(params.items()))
cache_input = f"{url}?{param_str}"
else:
cache_input = url
return hashlib.md5(cache_input.encode()).hexdigest()
# Usage
client = OptimizedCyberSecFeedClient(api_key)
# First request - cache miss
data1 = client.get_cve_cached('CVE-2024-0001') # ~200ms
# Second request - cache hit
data2 = client.get_cve_cached('CVE-2024-0001') # ~20ms
Application-Level Caching
from functools import lru_cache
import time
class CacheConfig:
CVE_CACHE_TTL = 3600 # 1 hour
STATS_CACHE_TTL = 300 # 5 minutes
KEV_CACHE_TTL = 1800 # 30 minutes
class TimedCache:
def __init__(self, ttl):
self.cache = {}
self.ttl = ttl
def get(self, key):
if key in self.cache:
data, timestamp = self.cache[key]
if time.time() - timestamp < self.ttl:
return data
else:
del self.cache[key]
return None
def set(self, key, value):
self.cache[key] = (value, time.time())
class CachedClient:
def __init__(self, api_key):
self.api_key = api_key
self.cve_cache = TimedCache(CacheConfig.CVE_CACHE_TTL)
self.stats_cache = TimedCache(CacheConfig.STATS_CACHE_TTL)
def get_cve(self, cve_id, use_cache=True):
if use_cache:
cached = self.cve_cache.get(cve_id)
if cached:
return cached
# Make API request
response = requests.get(
f"https://api.cybersecfeed.com/api/v1/cve/{cve_id}",
headers={'X-API-Key': self.api_key}
)
data = response.json()
if use_cache:
self.cve_cache.set(cve_id, data)
return data
4. Batch Operation Optimization
Efficient Batch Processing
def optimized_batch_processing(cve_ids, api_key):
"""Process CVEs in optimized batches"""
session = requests.Session()
session.headers.update({'X-API-Key': api_key})
# Use maximum batch size
batch_size = 50
all_results = []
for i in range(0, len(cve_ids), batch_size):
batch = cve_ids[i:i + batch_size]
# Optimize batch request
params = {
'ids': ','.join(batch),
'fields': 'id,cvss.baseScore,kev,epss.score', # Only essential data
# Include ACSC only if needed for this batch
# 'include': 'acsc'
}
response = session.get(
'https://api.cybersecfeed.com/api/v1/cves',
params=params
)
if response.status_code == 200:
batch_data = response.json()
all_results.extend(batch_data['data']['cves'])
# Small delay to avoid overwhelming the API
time.sleep(0.1)
return all_results
# Process 500 CVEs efficiently
large_cve_list = [f"CVE-2024-{str(i).zfill(4)}" for i in range(1, 501)]
results = optimized_batch_processing(large_cve_list, api_key)
print(f"Processed {len(results)} CVEs")
Parallel Processing with Rate Limiting
import asyncio
import aiohttp
from asyncio import Semaphore
class AsyncOptimizedClient:
def __init__(self, api_key, max_concurrent=10):
self.api_key = api_key
self.semaphore = Semaphore(max_concurrent)
self.base_url = "https://api.cybersecfeed.com/api/v1"
async def fetch_cve_batch(self, session, cve_ids, include_acsc=False):
"""Fetch a batch of CVEs asynchronously"""
async with self.semaphore: # Rate limiting
params = {
'ids': ','.join(cve_ids[:50]),
'fields': 'id,cvss.baseScore,kev,epss.score'
}
if include_acsc:
params['include'] = 'acsc'
async with session.get(
f"{self.base_url}/cves",
params=params,
headers={'X-API-Key': self.api_key}
) as response:
return await response.json()
async def process_large_list(self, all_cve_ids, include_acsc=False):
"""Process large CVE list with controlled concurrency"""
# Split into batches of 50
batches = [all_cve_ids[i:i+50] for i in range(0, len(all_cve_ids), 50)]
async with aiohttp.ClientSession() as session:
tasks = [
self.fetch_cve_batch(session, batch, include_acsc)
for batch in batches
]
batch_results = await asyncio.gather(*tasks)
# Combine all results
all_cves = []
for batch_result in batch_results:
if batch_result.get('data', {}).get('cves'):
all_cves.extend(batch_result['data']['cves'])
return all_cves
# Usage
async def main():
client = AsyncOptimizedClient(api_key, max_concurrent=5)
large_list = [f"CVE-2024-{str(i).zfill(4)}" for i in range(1, 1001)]
start_time = time.time()
results = await client.process_large_list(large_list)
end_time = time.time()
print(f"Processed {len(results)} CVEs in {end_time - start_time:.2f} seconds")
# Run async processing
asyncio.run(main())
5. Connection Optimization
Connection Pooling
from requests.adapters import HTTPAdapter
from urllib3.util.retry import Retry
class OptimizedSession:
def __init__(self, api_key):
self.session = requests.Session()
# Configure connection pooling
adapter = HTTPAdapter(
pool_connections=10, # Number of connection pools
pool_maxsize=20, # Max connections per pool
max_retries=Retry(
total=3,
status_forcelist=[429, 500, 502, 503, 504],
backoff_factor=1,
respect_retry_after_header=True
)
)
self.session.mount('https://', adapter)
self.session.headers.update({
'X-API-Key': api_key,
'User-Agent': 'MyApp/1.0 (Optimized)',
'Accept-Encoding': 'gzip, deflate'
})
def get(self, url, **kwargs):
return self.session.get(url, **kwargs)
# Use persistent session
session = OptimizedSession(api_key)
# Multiple requests reuse connections
for cve_id in cve_list:
response = session.get(f"https://api.cybersecfeed.com/api/v1/cve/{cve_id}")
Timeout Optimization
# Configure timeouts for different operations
TIMEOUTS = {
'ping': (2, 5), # (connect, read) in seconds
'cve_detail': (3, 10),
'search': (5, 30),
'batch': (5, 60),
'stats': (3, 15)
}
def get_cve_with_timeout(cve_id, operation_type='cve_detail'):
timeout = TIMEOUTS.get(operation_type, (5, 30))
response = requests.get(
f"https://api.cybersecfeed.com/api/v1/cve/{cve_id}",
headers={'X-API-Key': api_key},
timeout=timeout
)
return response.json()
6. Detail Endpoint Optimization
When to Use Detail vs Standard Endpoints
The detail endpoint provides comprehensive data but has higher latency. Choose wisely:
class SmartCVEClient:
"""Intelligent endpoint selection based on use case"""
def __init__(self, api_key):
self.api_key = api_key
self.base_url = "https://api.cybersecfeed.com/api/v1"
self.headers = {"X-API-Key": api_key}
def get_cve_optimized(self, cve_id, use_case="dashboard"):
"""Select optimal endpoint based on use case"""
strategies = {
"dashboard": self._get_minimal,
"risk_scoring": self._get_enriched,
"patch_management": self._get_detailed,
"security_research": self._get_full_detail,
"compliance": self._get_compliance_data
}
return strategies.get(use_case, self._get_minimal)(cve_id)
def _get_minimal(self, cve_id):
"""Minimal data for dashboards - fastest"""
params = {"fields": "id,cvss.baseScore,cvss.baseSeverity,kev,epss.score"}
response = requests.get(
f"{self.base_url}/cve/{cve_id}",
headers=self.headers,
params=params
)
return response.json()
def _get_enriched(self, cve_id):
"""Enriched data for risk scoring"""
params = {"include": "enrichment"}
response = requests.get(
f"{self.base_url}/cve/{cve_id}",
headers=self.headers,
params=params
)
return response.json()
def _get_detailed(self, cve_id):
"""Detailed data for patch management"""
response = requests.get(
f"{self.base_url}/cve/{cve_id}/detail",
headers=self.headers
)
return response.json()
def _get_full_detail(self, cve_id, vendor="nvd"):
"""Full vendor-specific detail for research"""
params = {"vendor": vendor}
response = requests.get(
f"{self.base_url}/cve/{cve_id}/detail",
headers=self.headers,
params=params
)
return response.json()
def _get_compliance_data(self, cve_id):
"""Optimized for compliance reporting"""
# First, get basic data with specific fields
params = {
"fields": "id,published,cvss,kev,epss",
"include": "acsc"
}
response = requests.get(
f"{self.base_url}/cve/{cve_id}",
headers=self.headers,
params=params
)
return response.json()
Detail Endpoint Performance Characteristics
| Scenario | Endpoint | Response Time | Cache TTL | Payload Size |
|---|---|---|---|---|
| Quick check | /cve/{id}?fields=id,cvss | <150ms | 1 hour | ~500B |
| Risk assessment | /cve/{id}?include=enrichment | <250ms | 2 hours | ~2KB |
| Full analysis | /cve/{id}/detail | <500ms | 24 hours | ~10-50KB |
| Vendor-specific | /cve/{id}/detail?vendor=cisco | <600ms | 24 hours | ~10-100KB |
Caching Strategy for Detail Endpoint
import hashlib
import time
from typing import Optional, Dict, Tuple
class DetailEndpointCache:
"""Aggressive caching for detail endpoint data"""
def __init__(self, api_key: str):
self.api_key = api_key
self.cache = {} # In production, use Redis or similar
self.cache_ttl = {
"detail": 86400, # 24 hours for detailed data
"enrichment": 7200, # 2 hours for enrichment
"basic": 3600 # 1 hour for basic data
}
def get_cve_detail(self, cve_id: str, vendor: str = "nvd",
force_refresh: bool = False) -> Optional[Dict]:
"""Get CVE detail with aggressive caching"""
cache_key = self._make_cache_key(cve_id, vendor, "detail")
# Check cache first
if not force_refresh:
cached_data = self._get_from_cache(cache_key, "detail")
if cached_data:
return cached_data
# Fetch from API
url = f"https://api.cybersecfeed.com/api/v1/cve/{cve_id}/detail"
params = {"vendor": vendor} if vendor != "nvd" else {}
headers = {"X-API-Key": self.api_key}
response = requests.get(url, headers=headers, params=params)
if response.status_code == 200:
data = response.json()
# Check if we got full or partial data
if data.get("data", {}).get("status") == "partial":
# Partial data - shorter cache
self._set_cache(cache_key, data, ttl_override=3600)
else:
# Full data - long cache
self._set_cache(cache_key, data, cache_type="detail")
return data
elif response.status_code == 404:
# Cache negative responses too
self._set_cache(cache_key, None, ttl_override=3600)
return None
else:
response.raise_for_status()
def _make_cache_key(self, cve_id: str, vendor: str, cache_type: str) -> str:
"""Generate cache key"""
key_input = f"{cve_id}:{vendor}:{cache_type}"
return hashlib.md5(key_input.encode()).hexdigest()
def _get_from_cache(self, key: str, cache_type: str) -> Optional[Dict]:
"""Retrieve from cache if not expired"""
if key in self.cache:
data, timestamp = self.cache[key]
ttl = self.cache_ttl.get(cache_type, 3600)
if time.time() - timestamp < ttl:
return data
else:
# Expired - remove from cache
del self.cache[key]
return None
def _set_cache(self, key: str, data: Optional[Dict],
cache_type: str = "detail", ttl_override: int = None):
"""Store in cache with TTL"""
ttl = ttl_override or self.cache_ttl.get(cache_type, 3600)
self.cache[key] = (data, time.time())
# Usage
cache_client = DetailEndpointCache(api_key)
# First request - API call
detail1 = cache_client.get_cve_detail("CVE-2024-0001") # ~500ms
# Second request - cached
detail2 = cache_client.get_cve_detail("CVE-2024-0001") # ~1ms
# Vendor-specific with caching
cisco_detail = cache_client.get_cve_detail("CVE-2024-0001", vendor="cisco")
Progressive Loading Pattern
Optimize user experience with progressive data loading:
import asyncio
import aiohttp
from typing import Dict, Optional
class ProgressiveCVELoader:
"""Load CVE data progressively for optimal UX"""
def __init__(self, api_key: str):
self.api_key = api_key
self.headers = {"X-API-Key": api_key}
self.base_url = "https://api.cybersecfeed.com/api/v1"
async def load_cve_progressive(self, cve_id: str, callback):
"""Load CVE data in stages, calling callback for each stage"""
async with aiohttp.ClientSession() as session:
# Stage 1: Basic data (fastest)
basic_data = await self._fetch_basic(session, cve_id)
await callback("basic", basic_data)
# Stage 2: Enrichment (medium speed)
enrichment_data = await self._fetch_enrichment(session, cve_id)
await callback("enrichment", enrichment_data)
# Stage 3: Full detail (slowest, if needed)
if self._needs_detail(basic_data, enrichment_data):
detail_data = await self._fetch_detail(session, cve_id)
await callback("detail", detail_data)
async def _fetch_basic(self, session, cve_id: str) -> Dict:
"""Fetch minimal CVE data"""
url = f"{self.base_url}/cve/{cve_id}"
params = {"fields": "id,cvss,kev,epss"}
async with session.get(url, headers=self.headers, params=params) as response:
return await response.json()
async def _fetch_enrichment(self, session, cve_id: str) -> Dict:
"""Fetch enrichment data"""
url = f"{self.base_url}/cve/{cve_id}"
params = {"include": "enrichment,attack"}
async with session.get(url, headers=self.headers, params=params) as response:
return await response.json()
async def _fetch_detail(self, session, cve_id: str) -> Dict:
"""Fetch full detail data"""
url = f"{self.base_url}/cve/{cve_id}/detail"
async with session.get(url, headers=self.headers) as response:
return await response.json()
def _needs_detail(self, basic_data: Dict, enrichment_data: Dict) -> bool:
"""Determine if full detail is needed"""
# Load detail for high-value CVEs
cve = basic_data.get("data", {}).get("cve", {})
cvss_score = cve.get("cvss", {}).get("baseScore", 0)
has_kev = "kev" in cve
return cvss_score >= 7.0 or has_kev
# Usage example
async def handle_cve_data(stage: str, data: Dict):
"""Handle data as it arrives"""
if stage == "basic":
print(f"Quick display: CVE {data['data']['cve']['id']}")
# Update UI with basic info immediately
elif stage == "enrichment":
print("Adding enrichment data to display")
# Enhance UI with enrichment
elif stage == "detail":
print("Full detail loaded")
# Show complete information
async def main():
loader = ProgressiveCVELoader(api_key)
await loader.load_cve_progressive("CVE-2024-0001", handle_cve_data)
# Run progressive loading
asyncio.run(main())
7. Use Case-Specific Optimizations
High-Frequency Monitoring
class HighFrequencyMonitor:
"""Optimized for frequent checks with minimal data"""
def __init__(self, api_key):
self.client = OptimizedCyberSecFeedClient(api_key)
self.last_check = None
def check_new_critical_cves(self):
"""Fast check for new critical CVEs"""
# Use minimal fields for speed
params = {
'severity_min': 9.0,
'limit': 10,
'fields': 'id,published,cvss.baseScore'
}
if self.last_check:
params['published_after'] = self.last_check
response = self.client.session.get(
'https://api.cybersecfeed.com/api/v1/cves',
params=params
)
self.last_check = datetime.utcnow().isoformat()
return response.json()
Bulk Data Analysis
class BulkAnalyzer:
"""Optimized for processing large datasets"""
def __init__(self, api_key):
self.api_key = api_key
def analyze_cve_list(self, cve_ids):
"""Analyze large CVE list with optimal batching"""
# Process in chunks with minimal data
results = []
chunk_size = 50
for i in range(0, len(cve_ids), chunk_size):
chunk = cve_ids[i:i + chunk_size]
response = requests.get(
'https://api.cybersecfeed.com/api/v1/cves',
params={
'ids': ','.join(chunk),
'fields': 'id,cvss.baseScore,kev,epss.score'
},
headers={'X-API-Key': self.api_key}
)
if response.status_code == 200:
chunk_data = response.json()['data']['cves']
results.extend(chunk_data)
return self.calculate_risk_metrics(results)
def calculate_risk_metrics(self, cves):
"""Fast risk calculation on minimal data"""
metrics = {
'total_cves': len(cves),
'critical_count': 0,
'kev_count': 0,
'high_epss_count': 0,
'avg_cvss': 0
}
total_cvss = 0
for cve in cves:
cvss_score = cve.get('cvss', {}).get('baseScore', 0)
total_cvss += cvss_score
if cvss_score >= 9.0:
metrics['critical_count'] += 1
if cve.get('kev'):
metrics['kev_count'] += 1
if cve.get('epss', {}).get('score', 0) > 0.7:
metrics['high_epss_count'] += 1
metrics['avg_cvss'] = total_cvss / len(cves) if cves else 0
return metrics
7. Performance Monitoring
Response Time Tracking
import time
from collections import defaultdict
class PerformanceTracker:
def __init__(self):
self.metrics = defaultdict(list)
def track_request(self, operation, func, *args, **kwargs):
"""Track request performance"""
start_time = time.time()
try:
result = func(*args, **kwargs)
success = True
except Exception as e:
result = None
success = False
duration = time.time() - start_time
self.metrics[operation].append({
'duration': duration,
'success': success,
'timestamp': time.time()
})
return result
def get_stats(self, operation):
"""Get performance statistics"""
if operation not in self.metrics:
return None
durations = [m['duration'] for m in self.metrics[operation] if m['success']]
if not durations:
return None
return {
'count': len(durations),
'avg': sum(durations) / len(durations),
'min': min(durations),
'max': max(durations),
'p95': sorted(durations)[int(len(durations) * 0.95)]
}
# Usage
tracker = PerformanceTracker()
# Track CVE requests
def get_cve_tracked(cve_id):
return tracker.track_request(
'cve_detail',
lambda: requests.get(
f"https://api.cybersecfeed.com/api/v1/cve/{cve_id}",
headers={'X-API-Key': api_key}
).json()
)
# Get performance stats
stats = tracker.get_stats('cve_detail')
print(f"Average response time: {stats['avg']:.3f}s")
print(f"95th percentile: {stats['p95']:.3f}s")
8. Optimization Checklist
Pre-Optimization Audit
- Identify which enrichment data you actually use
- Review field usage - are you reading all returned fields?
- Check for duplicate or unnecessary API calls
- Measure current response times and bandwidth usage
Implementation
- Implement parameter-based data loading (
includeparameters) - Add field projection for targeted data retrieval
- Set up proper ETag-based caching
- Use batch operations for multiple CVE lookups
- Configure connection pooling and timeouts
Monitoring
- Track response times and cache hit rates
- Monitor credit usage via
/api/v1/usageendpoint (0 credits) - Set up alerts for performance degradation and credit efficiency
- Regular performance testing with realistic v1.5 feature usage
- Track enterprise batch savings and field selection effectiveness
Advanced Optimizations
- Implement application-level caching with TTL
- Use async processing for bulk operations
- Consider CDN or proxy caching for frequently accessed data
- Optimize data processing pipelines for minimal memory usage
Enterprise Performance Gains (v1.5)
Following this v1.5 optimization guide delivers transformational results:
| Optimization | Performance Improvement | Bandwidth Reduction | Credit Efficiency |
|---|---|---|---|
| Advanced Field Selection | 30-60% faster | 85% less | Same 5 credits, minimal data |
| Enterprise Batch Operations | 50x faster (bulk) | Overhead eliminated | 86% credit savings |
| Smart Sorting & Filtering | 20-40% faster queries | Targeted results | Precise data retrieval |
| ETag Caching | 80-95% faster (cached) | 95%+ reduction | Near-zero credit usage |
| Combined v1.5 Features | 10-50x improvement | 85-95% reduction | Massive enterprise savings |
Real-World Enterprise Impact
| Scenario | Before (Individual) | After (v1.5 Enterprise) | Improvement |
|---|---|---|---|
| 1000 CVE Analysis | 5,000 credits, 50+ seconds | 700 credits, 2-5 seconds | 86% cheaper, 90% faster |
| Daily SOC Monitoring | 1,000 credits/day | 150 credits/day | 85% cost reduction |
| Compliance Reporting | High bandwidth, slow | Field-selected, instant | 95% bandwidth savings |
| Threat Intelligence | Multiple API calls | Single batch + enrichment | Enterprise efficiency |
These v1.5 optimizations deliver enterprise-grade performance while dramatically reducing credit consumption and providing superior user experience through ultra-fast response times.