> ## Documentation Index
> Fetch the complete documentation index at: https://docs.socdefenders.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Viewing threat intelligence by industry sector

> Filter SOC Defenders IOCs and threat articles by CISA Critical Infrastructure sector. Choose from 24-hour, 7-day, 30-day, or 90-day time windows.

The Industry Threats page organizes IOCs and threat reporting by the industry sectors they target, using the CISA Critical Infrastructure framework as its taxonomy. Instead of filtering a general feed, you get a focused view of the threat landscape relevant to your sector — which campaigns are active, which indicators are circulating, and how the picture has changed over a selected time window.

## Time period filters

Use the period selector to control how far back the data reaches:

| Period       | Use case                                                               |
| ------------ | ---------------------------------------------------------------------- |
| **24 Hours** | Triage active, same-day threats and freshly reported IOCs              |
| **7 Days**   | Review the week's threat activity for weekly briefings or hunting runs |
| **30 Days**  | Identify trending campaigns and recurring threat actors over a month   |
| **90 Days**  | Assess longer-running campaigns and sector-wide threat patterns        |

Select a period at the top of the page; the IOC counts and threat data update immediately.

## CISA Critical Infrastructure sectors

The page organizes data according to CISA's 16 Critical Infrastructure sectors. Each sector aggregates IOCs and threat articles that specifically target or are relevant to that vertical — for example, IOCs from campaigns reported to target energy utilities appear under the Energy sector, not in a general pool.

This mapping lets you answer questions like "what threats are actively targeting the Healthcare sector this week?" without manually tagging or filtering a broader feed.

## API access

You can retrieve industry-filtered IOCs programmatically using the `industry` parameter on the IOC endpoint:

```bash theme={null}
curl -H "Authorization: Bearer YOUR_API_KEY" \
  "https://socdefenders.ai/api/v1/iocs?industry=healthcare&type=ipv4&limit=100"
```

Combine `industry` with other parameters — `type`, `confidence`, `since` — to build precise queries for your SIEM or threat intelligence platform. The full parameter reference is available in the [API documentation](https://socdefenders.ai/docs/api).

To get your API key, go to **Settings → API Keys** in the platform.
