The comprehensive list of the ThreatExchange APIs and the related endpoints.
Subjective context provided by a ThreatExchangeMember for a ThreatIndicator.
Participant within ThreatExchange.
Indicator of compromise.
Label to group threat objects together.
Type of indicator being described by a ThreatIndicator object.
Defines how accurately the threat intelligence detects its intended target, victim or actor.
Defines who can access the threat intelligence.
Description of how the threat intelligence was vetted.
Description of the threat dangerousness associated with a ThreatIndicator object. The order of the values below are ordered from least severe to most severe.
Type of signature format described by a ThreatIndicator object.
ShareLevelType (aka Traffic Light Protocol or TLP)
Designation of how any object in ThreatExchange may be re-shared both within and outside of ThreatExchange, based on the US-CERT's Traffic Light Protocol.
Description of the maliciousness of any object within ThreatExchange.
Prefered way of downloading all the data for a collaboration and staying in sync with updates. Not enabled for all privacy groups. See page for details.
Enables searching for descriptors (opinions on content or indicators).
Enables searching for indicators.
Enables searching for threat tags.
Returns a list of current members of the ThreatExchange.