The Industry Threats page organizes IOCs and threat reporting by the industry sectors they target, using the CISA Critical Infrastructure framework as its taxonomy. Instead of filtering a general feed, you get a focused view of the threat landscape relevant to your sector — which campaigns are active, which indicators are circulating, and how the picture has changed over a selected time window.Documentation Index
Fetch the complete documentation index at: https://docs.socdefenders.ai/llms.txt
Use this file to discover all available pages before exploring further.
Time period filters
Use the period selector to control how far back the data reaches:| Period | Use case |
|---|---|
| 24 Hours | Triage active, same-day threats and freshly reported IOCs |
| 7 Days | Review the week’s threat activity for weekly briefings or hunting runs |
| 30 Days | Identify trending campaigns and recurring threat actors over a month |
| 90 Days | Assess longer-running campaigns and sector-wide threat patterns |
CISA Critical Infrastructure sectors
The page organizes data according to CISA’s 16 Critical Infrastructure sectors. Each sector aggregates IOCs and threat articles that specifically target or are relevant to that vertical — for example, IOCs from campaigns reported to target energy utilities appear under the Energy sector, not in a general pool. This mapping lets you answer questions like “what threats are actively targeting the Healthcare sector this week?” without manually tagging or filtering a broader feed.API access
You can retrieve industry-filtered IOCs programmatically using theindustry parameter on the IOC endpoint:
industry with other parameters — type, confidence, since — to build precise queries for your SIEM or threat intelligence platform. The full parameter reference is available in the API documentation.
To get your API key, go to Settings → API Keys in the platform.