GreyNoise Intelligence collects and analyzes Internet-wide scan and attack traffic from a global network of sensors. Use GreyNoise to contextualize alerts, filter false positives, identify compromised devices, prioritize vulnerabilities by in-the-wild exploitation, and track emerging threats. The platform exposes a free Community API and a paid Enterprise API surface (IP Lookup, GNQL, RIOT/Business Services, Tags, CVE, Sessions, Callback, Recall, IP Timeline, Utility) plus an MCP server for AI workflows.
APIs.json: https://www.greynoise.io
- Security
- Threat Intelligence
- Cybersecurity
- IP Reputation
- Vulnerability Management
- Network Telemetry
- SOC Automation
- Public APIs
- Created: 2026-05-28
- Modified: 2026-05-30
Unified GreyNoise API surface spanning the free Community endpoint and the paid Enterprise endpoints. Covers IP intelligence, GNQL query language, sessions / packet telemetry, CVE exploitation telemetry, callback IP intelligence, tag taxonomy, IP timelines, and recall time-series queries.
- Human URL: https://docs.greynoise.io
- Base URL:
https://api.greynoise.io
- Security
- Threat Intelligence
- IP Reputation
- Documentation
- API Reference
- OpenAPI — OpenAPI Specification
- Postman Collection — Postman Collection 2.1
- Open Collection — Open Collection 1.0
- Authentication
- Getting Started
- Quickstart
- Arazzo Workflows — Arazzo Specification
- Website
- Developer Portal
- Console
- Sign Up
- Login
- Pricing
- Plans
- Rate Limits
- Support
- Status Page
- Contact
- F A Q
- Glossary
- Terms of Service
- Privacy Policy
- Trust Center
- Blog
- Changelog
- Academy
- Training
- Tutorials
- Webinars
- GitHub Organization
- GitHub Repository
- X (Twitter)
- SDK
- SDK
- SDK
- C L I
- Spectral Rules
- Vocabulary
- J S O N- L D
- Tools
- Tools
- Tools
- Features
- Use Cases
- Integrations
- Solutions
FN: Kin Lane Email: kin@apievangelist.com