Every action below is available as a verb in Cerebral OS — callable from a Cerebral, a Map, or the Runtime API. All executions are governed, audited, and dry-run safe.
Create Indicator
defastra:create_indicator
Create a new threat indicator in the Defastra platform.
Write
Medium risk
Create Threat
defastra:create_threat
Create a new threat entry in the Defastra platform.
Write
Medium risk
Delete Threat
defastra:delete_threat
Delete a threat entry from the Defastra platform. This action cannot be undone.
Write
High risk
Get Alert
defastra:get_alert
Fetch a single security alert by ID with full details.
Read
Low risk
Get Scan Result
defastra:get_scan_result
Retrieve the results of a previously initiated scan.
Read
Low risk
Get Threat
defastra:get_threat
Fetch a single threat by ID with full details including indicators and risk score.
Read
Low risk
List Alerts
defastra:list_alerts
List security alerts with optional filtering.
Read
Low risk
List Indicators
defastra:list_indicators
List threat indicators with optional filtering.
Read
Low risk
List Threats
defastra:list_threats
List threats with optional filtering by severity, type, status, and date range.
Read
Low risk
Scan Domain
defastra:scan_domain
Scan a domain for threat intelligence, reputation, and security data.
Write
Medium risk
Scan Ip
defastra:scan_ip
Scan an IP address for threat intelligence and reputation data.
Write
Medium risk
Update Alert Status
defastra:update_alert_status
Update the status of a security alert and optionally assign it to a user.
Write
Medium risk
Update Threat
defastra:update_threat
Update an existing threat entry in the Defastra platform.
Write
Medium risk