Get information about Tego's threat intelligence APIs.
Tego provides information for when a threat was first seen, whether or not it is still active, and continually enriches, checking risk scores and whether or not the threat is still active, to ensure that our intelligence is up-to-date and relevant.
Tego brings in threat data/intelligence from over 45 different sources, open and closed, and does the work of de-duplicating and enriching to turn the data into actionable threat intelligence.
Tego provides additional details about the threats through our enrichment/details API to give specific details about the threat.
A license is required for calling Tego's API. After receiving one, make sure to add that license as a header when making requests.
For example, here's a curl request to get a single threat from the TTIP API:curl https://ti.tegocyber.com/api/Main/get/1 -H "license: myLicenseGoesHere"
The secret to Tego's vetted and curated Threat Intelligence has been taking the approach of quality in, quality out. Tego focuses on providing high fidelity and highly contextualized threat intelligence. Tego's applies constant enrichment and the aging of threat intelligence in addition to time-boxing the threats to when they were actually in use by threat actors. Rather than focusing on providing billions of IOCs which generate a massive amount of noise for SecOps teams, Tego focuses a smaller sub-set of verified threats.
Tego will provide a license key for access to our API. You can call the API as frequently as you like; we recommend pulling the data every 30 minutes to 1 hour.
Tego pulls data from over 45 different sources of threat data/intelligence, including free and paid-for subscriptions. Our platform sends the data through an enrichment process to turn the data into actionable threat intelligence.
Curated threat intelligence is high-quality, high-fidelity, and highly contextualized threat information that is gathered from a variety of sources, including threat feeds, threat sharing communities, and Tego's own research team. This intelligence is used to enrich security data with additional information, such as threat indicators, malware signatures, and attack tactics, techniques, and procedures (TTPs).
To get started with Tego Cyber, please contact our sales team. We would be happy to help you get started and answer any questions you may have.
.svg)