ADT-4 Pro Model Release:The definitive threat intelligence for the AI eraRead the research paper
Developers

Build on the
autonomous defense layer.

The PulseADT REST API gives you direct access to threat events, evidence artifacts, asset posture, and actuation controls. Build integrations, automate workflows, and ship product with security at the core.

Get API Key See endpoints
REST
API architecture
Bearer
Authentication
1K/min
Base rate limit
JSON
Response format
Quickstart

Up and running
in 10 minutes.

01

Get your API key

Log into your PulseADT dashboard and navigate to Settings → API Keys. Create a key and assign the scopes you need. Keys inherit your organisation permissions.

02

Make your first request

Use curl, Postman, or any HTTP client. Pass your key as a Bearer token. The /v1/threats endpoint returns your live threat event feed immediately.

03

Register a webhook

POST to /v1/webhooks with your endpoint URL. PulseADT will begin delivering signed events for every threat confirmation and containment action in real time.

curl example
# Authenticate and fetch threats
curl -X GET \
  https://api.getpulseadt.com/v1/threats \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"severity":"CRITICAL","limit":10}'

# Response
{
  "data": [
    {
      "id": "thr_9xKmPqZ",
      "severity": "CRITICAL",
      "status": "contained",
      "asset": "prod-db-01",
      "chain": [
        "Anomalous authentication",
        "Privilege escalation",
        "Data access attempt"
      ],
      "contained_at": "2026-03-09T14:22:01Z",
      "evidence_id": "evt_8k2mNpQx"
    }
  ],
  "total": 1,
  "page": 1
}
API Reference

Core endpoints.

GET/v1/threats

List all threat events for your organisation with optional severity and time filters.

GET/v1/threats/{id}

Retrieve a single threat event including full hypothesis chain and evidence references.

GET/v1/assets

List all protected assets, their current risk posture, and active coverage layers.

POST/v1/actuation/contain

Trigger an autonomous containment action on a specific asset or session.

GET/v1/evidence/{id}

Retrieve a cryptographically signed evidence artifact for audit or compliance submission.

GET/v1/signals

Pull raw ADT signal feed within a time window. Useful for SIEM ingestion pipelines.

GET/v1/compliance/controls

List all active compliance controls and their current pass/fail status.

POST/v1/webhooks

Register a webhook endpoint to receive real-time push notifications for threat events.

POST/v1/vapt/scans

Launch a new VAPT scan job. Specify target, scan_type (full, quick, web_app, network, ssl, api_testing, cis_compliance, cloud_posture), and tools_enabled.

GET/v1/vapt/scans

List all VAPT scan jobs for your organisation. Filter by status (queued, running, completed, failed).

GET/v1/vapt/scans/{id}

Get the status, progress, and full results of a specific VAPT scan job including all tool findings.

GET/v1/vapt/scans/{id}/findings

Retrieve paginated findings for a completed scan. Filter by severity (critical, high, medium, low).

DELETE/v1/vapt/scans/{id}

Cancel a queued or running scan job.

Full interactive API reference with request/response schemas is available inside your dashboard after signing up.

Official SDKs

Your language.
Our library.

Node.jsAvailable
npm install @pulseadt/sdk
PythonAvailable
pip install pulseadt
GoAvailable
go get github.com/glemadai/pulseadt-go
JavaComing Soon
maven: com.glemad:pulseadt-java
RubyComing Soon
gem install pulseadt
PHPComing Soon
composer require glemad/pulseadt
Guides

Everything you need
to build.

Authentication

API keys are issued per organisation. All requests are authenticated via Bearer token. Keys can be scoped to read-only, write, or actuation-enabled.

Read guide

Webhooks

Register one or more HTTPS endpoints. PulseADT delivers signed payloads on threat confirmation, containment, and evidence generation events.

Read guide

Quickstart

Authenticate, fetch your first threat event, and register a webhook in under 10 minutes. Language examples in Node.js, Python, and Go.

Read guide

SDKs

Official SDKs wrap the REST API with typed models, error handling, and retry logic. Available for Node.js, Python, and Go today.

Read guide

Postman Collection

Import the full PulseADT API collection into Postman. Pre-configured with environment variables for quick exploration and testing.

Read guide

Rate Limits

All plans include a baseline of 1,000 requests per minute. Eagle Max and Enterprise accounts can request higher limits for pipeline workloads.

Read guide
Start Building

Get your API key now.

Sign up for a free trial and your API key is available immediately. No credit card. Full API access from day one.

Start Free Trial Talk to our engineering team