Recorded Future
Recorded Future is a threat intelligence platform that provides real-time insights into potential cyber threats and vulnerabilities. By integrating Recorded Future with Brinqa, you can enhance CVE scoring and identify vulnerabilities to prioritize and address potential risks, gain a deeper understanding of your threat landscape, and enhance your cybersecurity posture.
This document details the information you must provide for the connector to authenticate with Recorded Future and how to obtain that information from Recorded Future. See create a data integration for step-by-step instructions on setting up the integration.
Required connection settings
When setting up a data integration, select Recorded Future from the Connector dropdown. If you cannot find the connector in the dropdown, make sure that you have installed it first. You must provide the following information to authenticate Recorded Future with Brinqa:
-
API URL: The Recorded Future API URL. The default URL is
https://api.recordedfuture.com. -
API Key: The access key associated with the Recorded Future account, which must have permissions to log in to the API server and return data.
Generate a Recorded Future API key
For the Recorded Future connector to use the Recorded Future API, you must provide an API key. Recorded Future does not allow retrieval of an active token, therefore, you must generate a new key instead. To do so, follow these steps:
-
Log in to your organization's Recorded Future portal as an administrator.
-
Click the menu on the upper-right corner, and then click User Settings.
-
Under API Access, click Generate New API Token.
-
Give the new API key a name and description.
-
Click Create.
Copy the new Recorded Future API key and store it in a secure location.
Consult Recorded Future documentation for accuracy. If you do not have the permissions to create an API key, contact your Recorded Future administrator.
Additional settings
The Recorded Future connector contains additional options for specific configuration:
- Request timeout (secs): The maximum time allotted, in seconds, before a request times out. The default setting is 120 seconds. Although it is not recommended, you can also enter zero (0) to disable timeouts.
Types of data to retrieve
The Recorded Future connector can retrieve the following types of data from the Recorded Future API:
Table 1: Data retrieved from Recorded Future
| Connector Object | Required | Maps to Data Model |
|---|---|---|
| Vulnerability Risk | Yes | CVE Record |
| Vulnerability Risk Indicator | Yes | Threat Intelligence |
The Recorded Future connector does not currently support operation options for the types of data it retrieves.
For detailed steps on how to view the data retrieved from Recorded Future in the Brinqa Platform, see How to view your data.
APIs
The Recorded Future connector uses the Recorded Future Connect API. Specifically, it uses the following endpoints:
Table 2: Recorded Future Connect API Endpoints
| Connector Object | API Endpoints |
|---|---|
| Vulnerability Risk | GET /v2/vulnerability/risklist/ GET /v2/vulnerability/riskrules |
| Vulnerability Risk Indicator | GET /v2/vulnerability/risklist/ GET /v2/vulnerability/riskrules |
Changelog
The Recorded Future connector has undergone the following changes:
This connector is part of a bundled release with other connectors from the same vendor. If a version shows "No change", it means that the connector version was updated for consistency as part of the bundle, but no functional changes were made to this specific connector. You can update to or skip this version without affecting your existing configuration.
Table 3: Recorded Future connector changelog
| Version | Description | Date Published |
|---|---|---|
| 3.2.1 | Fixed an issue where the Vulnerability Risk Indicator object sync was failing. Added a new connection setting, Request timeout, to make the timeout configurable. The default is 120 seconds. | January 20th, 2026 |
| 3.2.0 | No change. | December 18th, 2025 |
| 3.0.0 | Initial Integration+ release. | April 5th, 2023 |