Skip to content
Signals
Monitoring NVD, CISA KEV, EPSS and the Dragons Community ransomware tracker in near-real timeMonitoring NVD, CISA KEV, EPSS and the Dragons Community ransomware tracker in near-real time
Dragons Community

Enterprise feeds

Custom Feed Templates

Pre-configured intelligence feed templates that aggregate data from multiple API products. Enterprise-only.

All feed output is redacted and content-safe. JSON and CSV are future delivery formats. STIX output is planned for v1.1. TAXII is a mock/planned integration. No real feed delivery infrastructure exists in this phase.

Output formats

JSON

Planned

Structured JSON feed output

CSV

Planned

Flat CSV for spreadsheet import

STIX

Planned (v1.1)

STIX 2.1 bundle format

TAXII

Mock / Planned

TAXII 2.1 collection endpoint

Critical CVE Feed

High and critical severity CVEs with KEV status and EPSS scores. Ideal for vulnerability management teams needing priority alerts.

enterprise

Categories

CVE

Filters

severity: critical, high

cvss >= 7.0

publishedAt: last 30 days

Formats

jsoncsv

No exploit code or proof-of-concept payloads. CVSS scores and vendor advisories only.

Ransomware Claims Feed

New ransomware victim claims aggregated across mock monitoring sources. Sector and region filters available.

enterprise

Categories

Ransomware

Filters

status: unverified, confirmed

impactLevel: critical, high

claimDate: last 7 days

Formats

jsoncsv

No real victim data, leak site links or negotiation details. All claims are fictional.

Brand Mentions Feed

Dark web brand and domain mentions with severity scoring. Designed for brand protection and fraud prevention teams.

enterprise

Categories

Dark Web

Filters

mentionType: brand, domain, credential_claim

severity: medium, high, critical

Formats

jsoncsv

No real dark web URLs, credentials or stolen data. All content is fictional and redacted.

High Confidence IOC Feed

IOCs with high confidence and active status for automated blocking and detection rule generation.

enterprise

Categories

IOC

Filters

confidence: high

status: active

tlp: clear, green

Formats

jsoncsvstix

All indicators use RFC 5737 documentation ranges. No real malicious infrastructure. STIX output is planned.

Executive Briefing Feed

Consolidated daily briefing combining critical CVEs, active ransomware claims and high-severity dark web mentions.

enterprise

Categories

CVERansomwareDark WebThreat Actor

Filters

severity: critical, high

publishedAt: last 24 hours

Formats

json

Briefing content is editorially reviewed and safe for executive consumption. No technical exploit details.

Related

Custom Feed API product →API changelog →API settings →

Mock notice

Custom feeds are a mock catalog. No real feed delivery, scheduling or output generation exists. All templates are sample configurations.

Custom Feeds — API Documentation | Dragons Community