Developer docs
API Reference
Enterprise API endpoint catalog. All endpoints require authentication and are entitlement-gated.
Safety: API responses are editorially reviewed and redacted. No raw IOC hashes, C2 addresses, dark web content, exploit code or stolen credentials are exposed through any endpoint. All data is filtered by plan entitlements.
Authentication
All API requests require a valid API key passed via the Authorization: Bearer dgn_mock_<key> header.
API access is available exclusively to Enterprise plan accounts. Keys are managed in API Settings.
This is a mock reference. No real authentication or API infrastructure exists in this phase.
Enterprise API products
Current: v1Enterprise-only API products for security intelligence integration. All data is redacted and safe for enterprise consumption.
CVE API
CVE · Public
Query CVE records with severity, vendor, date and CVSS filters. Includes EPSS scores and KEV status. No exploit code or proof-of-concept payloads.
IOC API
IOC · Restricted
Retrieve indicators of compromise with type, TLP, confidence and status filters. All values use RFC 5737 documentation ranges — no real malicious infrastructure.
Threat Actor API
Threat Actor · Restricted
Access threat actor profiles with aliases, TTPs, target sectors and campaign history. All profiles are fictional and for educational/defensive use only.
Ransomware API
Ransomware · Sensitive (Redacted)
Monitor ransomware group activity and victim claims. No real victim data, leak site links, ransom amounts or operational instructions included.
Dark Web Mention API
Dark Web · Sensitive (Redacted)
Track brand, domain and credential mentions across mock dark web sources. All content is fictional, redacted and safe for enterprise consumption.
Vendor Risk API
Vendor Risk · Public
Assess vendor security posture based on CVE exposure, patch cadence, threat actor targeting and dark web mentions. Scores are mock samples only.
Custom Feed API
Custom Feed · Restricted
Build custom intelligence feeds that aggregate data from multiple API products with per-tenant filters and output formats. STIX/TAXII formats are planned.
Articles
CVEs
Threat Intelligence
Search
Exports
Account
Watchlists
Threat Actors
GET/api/v1/threat-actors
List Threat Actors
Retrieve threat actor profiles with type, region and sector filters. All profiles are fictional and editorially reviewed.
All threat actor profiles are fictional. No real operational details, tooling specifics or attribution to real groups is provided.
GET/api/v1/threat-actors/:id
Get Threat Actor
Retrieve a single threat actor profile by ID. Includes aliases, TTPs and related campaigns.
Fictional threat actor for educational and defensive analysis only. No real group identities or operational capabilities are disclosed.
Ransomware
Vendor Risk
Custom Feeds
GET/api/v1/custom-feeds
List Custom Feeds
Retrieve configured custom intelligence feeds. Feeds aggregate data from multiple API products with per-tenant filters.
POST/api/v1/custom-feeds/preview
Preview Custom Feed
Preview a custom feed configuration before saving. Returns sample output based on the provided filters and categories.
Preview output is redacted and content-filtered. No raw IOC data or dark web content is included in previews.
Platform
Rate limits
Free Trial
Evaluation access for trial accounts. Strict limits to prevent abuse.
5/min · 100/day
Starter
Low-volume integration tier for lightweight account and watchlist queries.
15/min · 1,000/day
Professional
Standard production tier for CI/CD pipelines and export workflows.
60/min · 10,000/day
Enterprise
High-throughput tier for enterprise integrations. Contact sales for custom limits.
120/min · 50,000/day
Mock notice
This API reference is a mock catalog. No live endpoints, authentication or rate limiting is implemented. All example responses contain sample data only.