The Cloudforce One Threat Events API now supports TAXII as an output format, enabling standardized, automated sharing of cyber threat intelligence with your existing security stack.
Why this matters
- You can now ingest Cloudforce One threat data directly into your SIEM, TIP or SOAR tools that prefer TAXII-formatted streams without needing custom translation scripts.
- By supporting the TAXII format parameter in our API, security teams can automate the synchronization of indicator data, reducing the manual overhead of updating blocklists and detection rules.
- This alignment with industry standards ensures that your threat data remains consistent across different security ecosystems and partner integrations.
How to use it
When calling the Threat Events API, you can now specify taxii in the format query parameter:
GET /accounts/{account_id}/cloudforce_one/threat_events?format=taxii
You can find the updated documentation in the Cloudflare API Reference.
Source: Cloudflare
