API of the month: api.first.org

Description

The Forum of Incident Response and Security teams (FIRST) offers an API to a subset of their database exposing teams.

„The Teams public information (available at http://www.first.org/members/teams) is available for querying using the method/data model /teams. This is the available endpoint for this data source:“

FIRST API screenshot

Pricing

The API is free and comes at no charge.

Signing up for the

Example 1

As an example, I have a script that can be a subroutine of an abuse handling process where the input is the name of the organisation an IP belongs to (based on Whois) the script is tasked to find a suitable responsible party who can deal with abuse handling.

Example 2

Second example, the input is a country, that might be revealed by using whois data for a particular IP, triaging the source to a specific country. The lookup should return a suitable national incident response team to assist in abuse handling.

Target audience

  • Incident responders who want to automate notification or lookup of peer teams
  • abuse handlers to lookup responsible CERT / CSIRTs or national Incident Response teams

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.