{
  "schema_version": "1.0",
  "name": "CyberPulse",
  "description": "Global cybersecurity intelligence API — CVE briefs, vulnerability scanning, CISA KEV, OSINT, threat intelligence (60+ countries, nation-state APTs + eCrime), ransomware group tracking, breach checks, compliance gap analysis (SOC2/ISO27001/GDPR/NIS2/PDPA/POPIA/LGPD), dark web monitoring, and attack surface assessment. Authoritative NVD + CISA data. x402 USDC micropayments on Base.",
  "url": "https://cyberpulse-six.vercel.app",
  "api": { "type": "openapi", "url": "https://cyberpulse-six.vercel.app/openapi.json" },
  "auth": {
    "type": "x402",
    "network": "eip155:8453",
    "asset": "USDC",
    "payment_address": "0x50ab2018c06c6E4eAA9BA52057Eb55eD284912fc",
    "price_range_usdc": "0.08–0.25"
  },
  "capabilities": [
    "cve_intelligence",
    "vulnerability_scanning",
    "cisa_kev_analysis",
    "osint_domain_ip",
    "threat_intelligence",
    "ransomware_tracking",
    "breach_detection",
    "compliance_gap_analysis",
    "dark_web_monitoring",
    "attack_surface_assessment"
  ],
  "data_sources": [
    "NIST NVD REST API v2 — full CVE database, CVSS scores, affected products",
    "CISA KEV — Known Exploited Vulnerabilities catalog, updated daily",
    "Shodan InternetDB — open ports and CVEs for internet-facing IPs (free, no key)",
    "OSV — Google Open Source Vulnerabilities (npm, PyPI, Maven, Go, crates.io, NuGet)",
    "Tavily — real-time threat intelligence, breach news, ransomware tracking"
  ],
  "coverage": {
    "frameworks": ["SOC2", "ISO27001", "GDPR", "HIPAA", "PCI-DSS", "NIST-CSF", "NIS2", "PDPA", "POPIA", "LGPD", "CCPA", "FISMA", "CMMC"],
    "threat_actors": "Nation-state (CN/RU/NK/IR) + eCrime groups + ransomware operators globally",
    "languages": ["en", "es", "fr", "de", "ja", "zh", "ko", "pt", "ar", "hi"],
    "geographic_scope": "Global — not US-centric"
  },
  "endpoints": [
    { "path": "/api/cyber/cve-brief", "method": "GET", "summary": "CVE deep-dive — CVSS, exploitation, patch urgency", "price_usdc": 0.10, "required_params": ["cve"], "model": "claude-haiku-4-5-20251001" },
    { "path": "/api/cyber/vuln-scan", "method": "GET", "summary": "Vulnerability scan for any software + version", "price_usdc": 0.12, "required_params": ["software"], "optional_params": ["version", "ecosystem"], "model": "claude-haiku-4-5-20251001" },
    { "path": "/api/cyber/cisa-kev", "method": "GET", "summary": "CISA KEV catalog — filter by vendor, date, or ransomware", "price_usdc": 0.08, "required_params_note": "vendor OR filter required", "model": "claude-haiku-4-5-20251001" },
    { "path": "/api/cyber/osint", "method": "GET", "summary": "OSINT — domain/IP intelligence for authorized defensive use", "price_usdc": 0.15, "required_params": ["target"], "model": "claude-haiku-4-5-20251001" },
    { "path": "/api/cyber/threat-intel", "method": "GET", "summary": "Global threat intelligence by sector and region", "price_usdc": 0.20, "required_params": ["industry"], "optional_params": ["region"], "model": "claude-sonnet-4-6" },
    { "path": "/api/cyber/ransomware-intel", "method": "GET", "summary": "Ransomware group profiles and global landscape", "price_usdc": 0.20, "optional_params": ["group"], "model": "claude-sonnet-4-6" },
    { "path": "/api/cyber/breach-check", "method": "GET", "summary": "Domain breach history and credential exposure", "price_usdc": 0.15, "required_params": ["domain"], "model": "claude-haiku-4-5-20251001" },
    { "path": "/api/cyber/compliance-gap", "method": "GET", "summary": "Global compliance gap analysis — 13 frameworks", "price_usdc": 0.25, "required_params": ["framework"], "optional_params": ["sector"], "model": "claude-sonnet-4-6" },
    { "path": "/api/cyber/dark-web-monitor", "method": "GET", "summary": "Dark web monitoring for any brand or domain", "price_usdc": 0.20, "required_params": ["brand"], "model": "claude-sonnet-4-6" },
    { "path": "/api/cyber/attack-surface", "method": "GET", "summary": "External attack surface assessment", "price_usdc": 0.25, "required_params": ["company", "domain"], "model": "claude-sonnet-4-6" }
  ],
  "use_cases": [
    "AI security agents monitoring CVEs for affected software in a tech stack",
    "SOC analysts checking exploitation status of CVEs in their environment",
    "CISOs getting threat intelligence briefs for board reporting",
    "Compliance teams assessing gaps before a SOC2 or ISO27001 audit",
    "Developers scanning dependencies for known vulnerabilities",
    "Security teams checking if their domain appears in breach databases",
    "Global organizations understanding applicable compliance frameworks (NIS2, PDPA, POPIA)",
    "Incident responders getting ransomware group TTPs and IOCs"
  ],
  "security_note": "All endpoints designed for authorized defensive security use. OSINT and attack surface endpoints use publicly available data only. Does not enable offensive operations.",
  "llms_txt": "https://cyberpulse-six.vercel.app/llms.txt",
  "contact": "info@theaslangroupllc.com",
  "provider": "The Aslan Group LLC"
}