Get ICS Threat Intelligence report

Expand all | Collapse all

The ics/get_one endpoint is used to display specific information for an ICS Threat Intelligence report, identified by publication_id.


Request method: POST


Query parameters:

Expected parameters




ICS Threat Intelligence report ID: the id parameter (a string) returned by the get_list endpoint.


List of the optional parameters separated by comma:

all—All available formats.

pdf—ICS Threat Intelligence report in PDF format.

execsum—Brief report summary for business purposes (executive summary) in PDF format.

yara—ICS Threat Intelligence report in YARA Rules format.

iocs—OpenIOC file that includes description of indicators of compromise.

suricata—File that contains Suricata rules associated with the ICS Threat Intelligence report.


Language for an ICS Threat Intelligence report. The value can be one of the following: ru (Russian), en (English), pt (Portuguese), or es (Spanish). A list of available languages for an ICS Threat Intelligence report is returned by the pdfs in the get_list endpoint. If the lang parameter is not specified, an English version of the ICS Threat Intelligence report will be returned.

Request example:

Retrieve the executive summary and the PDF report for the specific ICS report:

curl -u <user_name> -H 'Content-Length: 0' --cert <full path to the certificate CERT_NAME.pem on your computer> -X POST '{ICS report ID}&include_info=execsum,pdf'


200 OK

401 Unauthorized

403 Forbidden

451 Unavailable For Legal Reasons

See also:

Get ICS Threat Intelligence report list

Get Master IOC

Get Master YARA

Page top