CyberPulse: Global cybersecurity intelligence API — CVE briefs, vulnerability scanning, CISA KEV, OSINT, threat intelligence, ransomware tracking, breach checks, compliance gap analysis, dark web monitoring, and Coverage: Global Endpoints: • cve-brief ($0.10): CVE deep-dive — CVSS, exploitation s...
AI agents call cyberpulse to retrieve information from Pulsenetwork without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
| Parameter | Type | Required | Description |
|---|---|---|---|
cve | string | — | CVE ID — e.g. CVE-2024-3400 | CVE-2023-44487 | CVE-2021-44228 |
days | string | — | Entries added in last N days (default: 90) |
lang | string | — | Response language: en|es|fr|de|ja|zh|ko|pt|ar|hi (default: en) |
brand | string | — | Brand name or domain — e.g. acme.com | MyCompany |
group | string | — | Ransomware group name — e.g. LockBit | ALPHV | Cl0p | RansomHub (omit for landscape overview) |
action | string | Yes | Which endpoint to call. Options: cve-brief | vuln-scan | cisa-kev | osint | threat-intel | ransomware-intel | breach-check | compliance-gap | dark-web-monitor | |
domain | string | — | Domain to check — e.g. example.com |
filter | string | — | ransomware | recent (alternative to vendor search) |
region | string | — | Region — e.g. North America | Europe | Southeast Asia | MENA | Sub-Saharan Africa | Global (default: Global) |
sector | string | — | Industry sector — e.g. healthcare | finance | SaaS | e-commerce |
target | string | — | Domain or public IP — e.g. example.com | 8.8.8.8 |
vendor | string | — | Vendor/product name — e.g. Cisco | Ivanti | Microsoft | Palo Alto | Fortinet |
Parameters from the server's own tool schema.
CyberPulse is a pure intelligence/research tool. It queries vulnerability databases, threat feeds, and OSINT sources but does not modify, execute, delete, or move money. The 'authorized defensive use' qualifier and absence of any write/execute/destructive operations confirm Read category. Severity is low because misuse yields information disclosure rather than system compromise, financial loss, or data destruction.
From the tool's definition Tool description lists read-only intelligence operations: 'CVE briefs, vulnerability scanning, CISA KEV, OSINT, threat intelligence, ransomware tracking, breach checks, compliance gap analysis, dark web monitoring'.
Risk signalsHigh parameter count (18 properties)
Attacks that exploit this kind of access
CyberPulse: Global cybersecurity intelligence API — CVE briefs, vulnerability scanning, CISA KEV, OSINT, threat intelligence, ransomware tracking, breach checks, compliance gap analysis, dark web monitoring, and Coverage: Global Endpoints: • cve-brief ($0.10): CVE deep-dive — CVSS, exploitation status, patch urgency, remediation • vuln-scan ($0.12): Vulnerability scan — all known CVEs for any software + version • cisa-kev ($0.08): CISA KEV — Known Exploited Vulnerabilities catalog search • osint ($0.15): OSINT — domain and IP intelligence for authorized defensive use • threat-intel ($0.20): Threat intelligence — global threat actors and campaigns by sector and region • ransomware-intel ($0.20): Ransomware intelligence — group profiles, victim patterns, TTPs, defensive playbook • breach-check ($0.15): Breach check — domain breach history and credential exposure intelligence • compliance-gap ($0.25): Compliance gap analysis — global security frameworks (SOC2, ISO27001, GDPR, NIS2, PDPA, POPIA, LGPD...) • dark-web-monitor ($0.20): Dark web monitor — brand and domain underground intelligence (ethical OSINT) • attack-surface ($0.25): Attack surface assessment — external risk analysis for authorized defensive use. It is categorised as a Read tool in the Pulsenetwork MCP Server, which means it retrieves data without modifying state.
cyberpulse accepts 12 parameters: cve, days, lang, brand, group, action, domain, filter, region, sector, target, vendor. Required: action. The full parameter table on this page comes from the server's own tool schema.
Register the Pulsenetwork MCP server in PolicyLayer and add a rule for cyberpulse: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Pulsenetwork. Nothing to install.
cyberpulse is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the cyberpulse rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for cyberpulse. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
cyberpulse is provided by the Pulsenetwork MCP server (https://pulse.theaslangroupllc.com/api/mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
cyberpulse is one line of Pulsenetwork's registry record.
The record carries the whole server: verified identity, auth posture, risk grade, every tool classified, recommended policy — re-checked continuously.
Teams ship this data inside their own products. See what a licence covers →