AI Cybersecurity Multi-Agent API
Production-ready API documentation for SOC automation, detection, cloud security, compliance, approvals, threat intelligence, and incident workflows.
Production-ready API documentation for SOC automation, detection, cloud security, compliance, approvals, threat intelligence, and incident workflows.
Login, organization context, JWT access token, and role-based access control.
POST /api/v1/auth/login
Multi-agent registry, tasks, memory, evaluations, and agent overview.
/api/v1/agent-runtime/*
Security event ingestion, detection rules, alerts, and risk scoring.
/api/v1/detection/*
Convert alerts to incidents, add notes, evidence, timeline, and status updates.
/api/v1/cases/*
IOC creation, enrichment, reputation scoring, and alert correlation.
/api/v1/threat-intel/*
Fake tracking links, OTP fraud risk, SIM swap signals, and safe response guidance.
/api/v1/mobile-fraud/*
Cloud accounts, posture scan, public SSH, storage exposure, and IAM risk findings.
/api/v1/cloud-security/*
NIST, ISO27001, SOC2, CIS controls, maturity scoring, and executive reports.
/api/v1/compliance/*
Executive risk score, alerts, incidents, cloud posture, compliance score, and snapshots.
/api/v1/executive-dashboard/*
POST /api/v1/auth/login
{
"email": "rahul@example.com",
"password": "RahulCyber@2026",
"organization_name": "Rahul-SOC-Lab"
}
Use returned access_token as:
Authorization: Bearer <TOKEN>
This platform is defensive-only. Risky response actions require human approval. MVP execution uses safe simulation for block IP, disable user, revoke session, isolate endpoint, and cloud remediation.