> ## Documentation Index
> Fetch the complete documentation index at: https://docs.socdefenders.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# SOC Defenders: Threat Intelligence for Security Teams

> SOC Defenders aggregates cybersecurity news and IOCs from 30+ sources, with a REST and TAXII API to feed your SIEM and security tools.

SOC Defenders is a threat intelligence platform built for SOC analysts and security teams. It continuously aggregates cybersecurity news, indicators of compromise (IOCs), and CVE data from more than 30 sources — and surfaces it through a filterable feed, a public REST API, and a TAXII 2.1 server that plugs directly into Splunk, Microsoft Sentinel, Elastic, and other SIEMs.

<CardGroup cols={2}>
  <Card title="Quick Start" icon="rocket" href="/quickstart">
    Make your first API call in minutes. Get an API key and pull live threat data.
  </Card>

  <Card title="API Reference" icon="code" href="/api-reference/overview">
    Full reference for every endpoint — IOCs, articles, STIX, TAXII, and more.
  </Card>

  <Card title="Platform Guide" icon="shield-halved" href="/platform/news-feed">
    Explore the threat feed, IOC lookup, CVE database, and community features.
  </Card>

  <Card title="Integrations" icon="plug" href="/integrations/siem-overview">
    Connect SOC Defenders to Splunk, Microsoft Sentinel, Elastic, and more.
  </Card>
</CardGroup>

## Get up and running

<Steps>
  <Step title="Create an account">
    Sign up at [socdefenders.ai](https://socdefenders.ai) — the Free tier requires no credit card.
  </Step>

  <Step title="Generate an API key">
    Go to **Settings → API Keys** and create your first key. Your key starts with `sk_live_`.
  </Step>

  <Step title="Make your first request">
    Call the IOC list endpoint with your key to pull the latest indicators:

    ```bash theme={null}
    curl -H "Authorization: Bearer sk_live_YOUR_KEY" \
      "https://socdefenders.ai/api/v1/iocs?type=ipv4&limit=10"
    ```
  </Step>

  <Step title="Integrate with your stack">
    Use the [SIEM integration guides](/integrations/siem-overview) or explore [export formats](/formats/overview) like STIX 2.1, MISP, or Sigma rules.
  </Step>
</Steps>

## What's included

<CardGroup cols={2}>
  <Card title="IOC Feed" icon="bug" href="/platform/ioc-lookup">
    IPv4, IPv6, domains, URLs, file hashes, CVEs, MITRE ATT\&CK techniques, and email indicators — updated continuously.
  </Card>

  <Card title="CVE Database" icon="triangle-exclamation" href="/platform/cve-database">
    Browse and search CVEs enriched with CISA KEV status and EPSS exploit probability scores.
  </Card>

  <Card title="Industry Threats" icon="industry" href="/platform/industry-threats">
    IOCs and threat data segmented by CISA Critical Infrastructure sectors.
  </Card>

  <Card title="Export Formats" icon="file-export" href="/formats/overview">
    STIX 2.1, TAXII 2.1, MISP, CEF/Syslog, OpenIOC, Sigma rules, JSON, and CSV.
  </Card>
</CardGroup>
