Monitoring API v2

Base URL

https://api.cybervault.io/v2

Note: All API requests must use HTTPS. Plain HTTP requests will return a 301 Moved Permanently redirect. Regional endpoints are available via DNS failover (see Regional Routing).

Authentication

Access the Monitoring API using Bearer tokens. Generate tokens via the Developer Console under Settings > API Keys.

curl https://api.cybervault.io/v2/status \
  -H "Authorization: Bearer cv_live_8xK9mP2nQ7vR4wL1" \
  -H "Content-Type: application/json"

import requests

headers = {
    "Authorization": "Bearer cv_live_8xK9mP2nQ7vR4wL1",
    "Content-Type": "application/json"
}

response = requests.get("https://api.cybervault.io/v2/status", headers=headers)
print(response.json())

const response = await fetch('https://api.cybervault.io/v2/status', {
  method: 'GET',
  headers: {
    'Authorization': 'Bearer cv_live_8xK9mP2nQ7vR4wL1',
    'Content-Type': 'application/json'
  }
});

const data = await response.json();
console.log(data);

Security Warning: Never commit API keys to public repositories. Use environment variables or a secrets manager. Rotate keys every 90 days via the console.

Endpoints

GET /v2/status Retrieve real-time system health & threat level

Returns the current operational status, active threat level, and last scan timestamp for your registered infrastructure.

Response Object

Field	Type	Description
`status`	string	Current system state: `operational`, `degraded`, `maintenance`
`threat_level`	integer	Scale 0-10. >7 triggers automatic lockdown protocols.
`active_alerts`	integer	Count of unresolved alerts in last 24h.
`last_scan`	ISO8601	Timestamp of the most recent vulnerability scan.

{
  "status": "operational",
  "threat_level": 2,
  "active_alerts": 3,
  "last_scan": "2025-06-14T08:22:14Z",
  "region": "us-east-1"
}

GET /v2/alerts List security alerts with filtering & pagination

Retrieve a paginated list of alerts. Supports filtering by severity, asset, time range, and status.

Query Parameters

Parameter	Type	Required	Description
`severity`	string	Optional	Filter by severity: `critical`, `high`, `medium`, `low`
`status`	string	Optional	`open`, `investigating`, `resolved`, `dismissed`
`limit`	integer	Optional	Max results per page (default: 50, max: 200)
`after`	string	Optional	Cursor for pagination (opaque token from `next_cursor`)

curl "https://api.cybervault.io/v2/alerts?severity=high&limit=10" \
  -H "Authorization: Bearer cv_live_8xK9mP2nQ7vR4wL1"

{
  "data": [
    {
      "id": "alt_9x2kL1mP4nQ7",
      "severity": "high",
      "type": "sql_injection",
      "asset_id": "srv_prod_db_01",
      "created_at": "2025-06-14T14:02:11Z",
      "status": "investigating"
    }
  ],
  "next_cursor": "eyJwYWdlIjoyLCJ0aW1lc3RhbXAiOjE3MTgzNDU2MzF9",
  "has_more": true
}

POST /v2/alerts Create a custom alert or forward third-party findings

Submit external security findings, manual reports, or integrate with custom scanners. CyberVault will ingest, deduplicate, and apply your organization's response playbooks.

Request Body

Field	Type	Required	Description
`type`	string	Required	Vulnerability class: `xss`, `csrf`, `brute_force`, `malware`, `custom`
`asset_id`	string	Required	Targeted asset identifier from your inventory.
`severity`	string	Required	`critical`, `high`, `medium`, `low`
`payload`	object	Optional	Custom metadata, proof, or scanner output.

Rate Limits

API access is throttled based on your subscription tier to ensure platform stability. Limits are applied per API key, not per IP.

Tier	Requests/Minute	Burst Allowance
Starter	60	15
Professional	300	50
Enterprise	1,200	200

Headers: All responses include X-RateLimit-Remaining and X-RateLimit-Reset. When exhausted, the API returns 429 Too Many Requests with a Retry-After header.

Webhooks

Subscribe to real-time events without polling. Configure endpoints in the console or via the API.

Event Types

alert.created - New security alert detected
alert.resolved - Alert marked as resolved
asset.vulnerable - New vulnerability found
compliance.failed - Audit check failed

Signature Verification

All webhook payloads are signed using HMAC-SHA256. Verify the X-CV-Signature header against your webhook secret before processing.

// Python verification example
import hmac
import hashlib

def verify_webhook(payload, signature, secret):
    expected = hmac.new(
        secret.encode(), 
        payload, 
        hashlib.sha256
    ).hexdigest()
    return hmac.compare_digest(expected, signature)

Official SDKs

Accelerate integration with our officially maintained client libraries. All SDKs include auto-retry, exponential backoff, and type hints.

Language	Package	Repository
Python	`pip install cybervault`	GitHub
Node.js	`npm install @cybervault/sdk`	GitHub
Go	`go get github.com/cybervault/go-sdk`	GitHub
Rust	`cargo add cybervault`	GitHub

Changelog

v2.4.1 (Jun 10, 2025)

• Added X-RateLimit-Burst header to all responses

• Fixed pagination cursor overflow on large datasets

• Webhook retry policy now supports configurable exponential backoff

v2.3.0 (May 22, 2025)

• Introduced /v2/alerts batch creation endpoint

• Added Rust and Deno SDK support