The IBM X-Force Exchange Commercial API offers rich contextual information on a wide range of threat intelligence – including synthesized collections of information focused on specific actors, threats, attacks and vulnerabilities. This application program interface (API) provides reliable and up-to-date contextual information on observable threats. It also helps to obtain synthesized information on a security incident or investigation. It simplifies integration because it supports multiple formats.

  • Get the latest threat intelligence necessary for investigations – from threat indicators to synthesized collections that describe actors, campaigns, attacks and more
  • Gain more access to security investigations through X-Force Exchange’s information on specific security investigations, known as collections
  • Integrate with other security solutions using STIX and TAXII standards by accessing the information through a RESTful API
  • Consider a commercial license with the X-Force Exchange Commercial API. As a companion to the no-charge offering, this optional commercial license is suited for enterprises and technology partners who require a formally supported, non-rate-limited solution

Get the latest threat intelligence

  • Gain access to reputation scores for more than 860k malicious IP addresses analyzed for risk score, geolocation, categorization and URL filtering/reputation. More than 32 billion web pages and images are analyzed for risk score and categorization
  • Find domain information such as passive Domain Name Service (DNS) information and WHOIS information
  • Get comprehensive intelligence on more than 100,000 vulnerabilities – including Common Vulnerability Scoring System (CVSS) score, exploit characteristic and consequences, remedy information and affected products
  • Provides malware indicators that include first and last observance and associated hash values
  • Gain access to web application intelligence – including risk scores, categorization and associated actions

Gain more access to security investigations

  • Creates collections to synthesize indicators and artifacts into campaigns or threat actors. Additionally, collections can describe tactics (or tools) and techniques and procedures (TTPs)
  • Collections consist of both unstructured and structured content, such as user-provided descriptions. It covers the collection type, such as malware or vulnerability, as well as the associated indicators and observables that are relevant to that particular collection

Integrate with other security solutions

  • Enables subscribers to incorporate threat intelligence from X-Force Exchange into their operations – whether a Security Operations Center (SOC) for an enterprise or a Development Operations (DevOps) environment for a technical business partner
  • Supports both JavaScript Object Notation (JSON) and Structured Threat Information eXpression (STIX) over Trusted Automated eXchange of Indicator Information (TAXII) interface methods
  • Conceived and built on IBM Cloud infrastructure for reliable, secure and scalable service across a range of use cases

Consider a commercial license

  • Integrates X-Force content into your own security offerings and services. The terms of use for X-Force threat intelligence obtained through the X-Force Exchange Commercial API grants this ability
  • The no-charge API offering provides rate-limited content for users with minimal threat intelligence needs and non-commercial use cases