Get Threat Feed Items (Beta)

get

https://api.socket.dev/v0/orgs/{org_slug}/threat-feed

Paginated list of threats, sorted by updated_at by default. Set updated_after to the unix timestamp of your last sync while sorting by updated_at to synchronize all new or updated threats in the feed.

This endpoint requires an Enterprise Plan with Threat Feed add-on. Contact our sales team for more details.

This endpoint consumes 1 unit of your quota.

This endpoint requires the following org token scopes:

threat-feed:list

Recent Requests

Time	Status	User Agent
Retrieving recent requests…

Loading…

Path Params

org_slug

string

required

The slug of the organization

Query Params

per_page

integer

1 to 100

Defaults to 30

Number of threats per page

page_cursor

string

Page cursor token. Pass the returned nextPageCursor to this query string to fetch the next page of the threat feed.

sort

string

enum

Defaults to updated_at

Set the sort order for the threat feed items. Default is descending order by updated_at, which includes all new and updated threat feed items.

Allowed:

updated_after

string

A Unix timestamp in seconds that filters results to items only updated after the timestamp.

created_after

string

A Unix timestamp in seconds that filters results to items only created after the date.

direction

string

enum

Defaults to desc

Order direction of the provided sort field.

Allowed:

filter

string

enum

Defaults to mal

Filter by threat classification. Supported values: mal (malware, including possible malware), vuln (vulnerability), typo (typosquat, including possible typosquat), anom (anomaly), spy (telemetry), obf (obfuscated code), dual (dual-use tool), joke (protestware or joke package), tp (all confirmed true positives), fp (false positive), u (unreviewed), c (classified, i.e. anything except unreviewed).

name

string

Filter threats by package name

version

string

Filter threats by package version.

is_human_reviewed

boolean

Defaults to false

Only return threats which have been human-reviewed

ecosystem

string

enum

Filter threats by package ecosystem.

Responses

Language

Credentials

Loading…

Response

Click Try It! to start a request and see the response here! Or choose an example:

application/json

200The paginated list of items in the threat feed and the next page cursor.

400Bad request

401Unauthorized

403Insufficient max_quota for API method

404Resource not found

429Insufficient quota for API route