AI Security API
Every security capability. One API.
Threat detection, anomaly scoring, content moderation, vulnerability scanning, malware classification, and authentication risk scoring — all programmatically accessible with sub-100ms latency and full explainability.
Get API accessAPI reference
Endpoints
/v1/threat/analyze/v1/anomaly/score/v1/content/moderate/v1/vulnerability/scan/v1/malware/classify/v1/auth/risk/v1/threat/intel/{ioc}/v1/audit/logsPOST /v1/threat/analyzeThreat Detection
Real-time analysis of logs, network traffic, and payloads for malicious patterns. Aligned to MITRE ATT&CK with confidence scores and SHAP-based explanations on every result.
- Inline inspection under 100ms for real-time use cases
- MITRE ATT&CK-aligned detection coverage
- SHAP explainability — flagged because of X pattern
- Custom YAML detection rules for your environment
- SIEM integration via webhook or Kafka
POST /v1/anomaly/scoreAnomaly Detection
Behavioral baselines and deviation scoring. Score any behavioral event — API calls, login patterns, data access — against established baselines to surface threats before they escalate.
- Automatic baseline learning from historical traffic
- Deviation scoring with configurable sensitivity
- Time-series storage via InfluxDB / TimescaleDB
- Vector similarity matching for novel threat patterns
- Burst handling for DDoS and incident surges
POST /v1/content/moderateContent Moderation
Classify harmful, abusive, or policy-violating content at scale. Configurable confidence thresholds and human-in-the-loop review flows reduce false positives and alert fatigue.
- 40+ content violation categories out of the box
- Configurable confidence thresholds per policy
- Human-in-the-loop review flow for borderline cases
- GDPR / CCPA-compliant — data minimization enforced
- Bidirectional input and output inspection
POST /v1/vulnerability/scanVulnerability Scanning
Analyze code and configuration files for known CVEs and misconfigurations. CI/CD-native with GitHub Actions, GitLab CI, and Jenkins — catch vulnerabilities before they reach production.
- CVE database updated continuously via threat intel feeds
- Misconfiguration detection for cloud and container configs
- CI/CD pipeline integration — blocks on critical findings
- OWASP LLM Top 10 coverage for AI-facing APIs
- On-demand and scheduled scan modes
POST /v1/malware/classifyMalware Classification
Static and dynamic analysis of files and binaries. Multi-model ensemble powered by TorchServe / Triton delivers high-confidence verdicts with reasoning you can act on immediately.
- Static analysis — PE, ELF, Mach-O, scripts, documents
- Dynamic behavioral sandboxing for unknown samples
- Multi-model ensemble for high-confidence verdicts
- Async webhook mode for large file batches
- VirusTotal and MISP threat intel enrichment
POST /v1/auth/riskAuth Risk Scoring
Evaluate login attempts for fraud signals in real time. Risk scores power step-up authentication decisions without adding friction to legitimate users.
- Device, location, and behavioral signal fusion
- Real-time scoring under 50ms for inline auth gates
- OAuth 2.0 integration — drop into any auth flow
- Adaptive thresholds via continuous model retraining
- Explainable output — know exactly why a login was flagged
Architecture
Key design decisions
Every default is chosen for production security workloads. Overrides available for all tiers.
| Decision | Options | Our default |
|---|---|---|
| Protocol | REST vs gRPC | gRPC for low-latency paths; REST for broad compatibility |
| Authentication | API keys vs OAuth 2.0 | OAuth 2.0 for enterprise; API keys for quick integration |
| Response mode | Sync vs async webhook | Sync for real-time inline checks; async for deep scans |
| Model hosting | Self-hosted vs cloud | Self-hosted for sensitive data; cloud for ease of scale |
| Explainability | SHAP, LIME, attention maps | SHAP for tabular signals; attention maps for NLP models |
Start building with the AI Security API
Join hundreds of engineering and security teams who rely on AlektroAI for real-time threat detection and compliance.