Skip to content
Signals
Monitoring NVD, CISA KEV, EPSS and the Dragons Community ransomware tracker in near-real timeMonitoring NVD, CISA KEV, EPSS and the Dragons Community ransomware tracker in near-real time
Dragons Community

Threat Actor

Threat Actor API

Access threat actor profiles with aliases, TTPs, target sectors and campaign history. All profiles are fictional and for educational/defensive use only.

Safety level: Restricted. All responses are editorially reviewed, redacted and safe for enterprise consumption. No raw IOC data, dark web content, exploit code or stolen credentials.

Example use cases

  • Threat landscape briefings
  • MITRE ATT&CK mapping for detection engineering
  • Executive risk reporting
  • Red team scenario planning

Endpoints

GET/api/v1/threat-actors

List Threat Actors

Threat Actors · Enterprise

GET/api/v1/threat-actors/:id

Get Threat Actor

Threat Actors · Enterprise

Threat Actor Response

Threat actor profile with aliases, TTPs and targeting information.

id*

Actor profile identifier

string

name*

Primary actor name

string

type*

Actor type: apt, ransomware, cybercrime, hacktivist

string

aliases

Known aliases

string[]

targetSectors*

Targeted industry sectors

string[]

observedTtps

MITRE ATT&CK technique IDs

string[]

confidence*

Attribution confidence: low, medium, high

string
{ "id": "ta-001", "name": "Fictional APT Group", "type": "apt", "aliases": "[\"Mock Alias\"]", "targetSectors": "[\"Technology\", \"Finance\"]", "observedTtps": "[\"T1566.001\"]", "confidence": "high" }

Safety notes

All threat actor profiles are entirely fictional.

No real group identities, operational capabilities or tooling specifics disclosed.

MITRE ATT&CK references are for educational mapping only.

Threat Actor API — Enterprise API | Dragons Community