Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.socdefenders.ai/llms.txt

Use this file to discover all available pages before exploring further.

SOC Defenders enforces rate limits to ensure consistent performance for all users. Limits apply per API key and reset on a rolling basis. If you exceed a limit, the API returns a 429 Too Many Requests response until the window resets.

Limits by tier

LimitFreePro
Requests per minute101,000
Requests per day1,0001,000,000
Results per request10010,000
IOC lookback period1 day365 days
Article lookback7 days365 days
If your use case requires higher throughput, a longer lookback period, or more results per request, upgrade to the Pro tier. See Pricing for details.

Rate limit response headers

Every API response includes headers that tell you your current usage against the active limit:
HeaderDescription
X-RateLimit-LimitMaximum requests allowed in the current window
X-RateLimit-RemainingRequests remaining in the current window
X-RateLimit-ResetUnix timestamp (UTC) when the current window resets
Monitor these headers in your integration to stay within your quota and back off proactively before hitting a limit.

429 Too Many Requests

When you exceed a rate limit, the API responds with: 
HTTP/1.1 429 Too Many Requests
X-RateLimit-Limit: 10
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1716000060

{
  "error": {
    "code": "rate_limit_exceeded",
    "message": "You have exceeded your request limit. Check the X-RateLimit-Reset header for when your quota resets.",
    "request_id": "req_..."
  }
}
Wait until the timestamp in X-RateLimit-Reset before retrying. Use exponential backoff for automated retry logic.

Best practices

Use the since parameter for delta polling. Rather than re-fetching the full IOC or article feed on each run, pass a since timestamp to retrieve only records that have changed since your last successful request. This significantly reduces your daily request count. 
curl -H "Authorization: Bearer sk_live_YOUR_KEY" \
  "https://socdefenders.ai/api/v1/iocs?since=2026-05-17T00:00:00Z"
Cache results locally. If multiple services or team members query the same data, fetch it once and distribute from a local cache rather than issuing redundant API calls. Page efficiently. Use the maximum limit your tier allows per request to retrieve more data in fewer calls.