TAXII API

Use the Obstracts TAXII API to share structured intelligence through a standards-based workflow that fits existing CTI tools and platforms.

Overview

The Obstracts TAXII API provides a standards-based way to get intelligence out of Obstracts and into other systems.

For teams already working with STIX and TAXII, this is often the simplest path to interoperability. Instead of building a custom integration from scratch, teams can use a familiar CTI sharing model to consume structured intelligence from Obstracts.

Why teams use the TAXII API

The TAXII API is useful when you want a cleaner, lower-friction way to distribute public intelligence into tools that already support TAXII workflows.

That can help teams:

feed structured intelligence into TAXII-capable CTI platforms
make public intelligence available alongside other STIX-based sources
reduce custom integration work where standards-based sharing is enough
support repeatable downstream enrichment and ingestion workflows

Because Obstracts is STIX 2.1 native, TAXII is a natural fit for moving that intelligence between platforms.

Example use cases

Import Obstracts intelligence into an existing CTI platform that already consumes TAXII feeds.
Make trusted-source public intelligence available to teams that work primarily from another system.
Add external STIX data into a broader operational threat intelligence workflow.
Standardise how structured intelligence is distributed across multiple tools.

When to choose TAXII API

Choose the TAXII API when your tooling already understands TAXII and you want the most standards-friendly way to consume Obstracts data.

If you want a more custom integration or application workflow, the REST API will usually be the better option.

Explore next

Want more flexibility for custom tooling and AI workflows? See REST API.
Want a concrete platform example? See OpenCTI Integration.
Want the broader interoperability story? See Scale Security Workflows with AI-Ready Threat Intelligence.