Frequently Asked Questions

alphaMountain goes beyond simple web reputation scoring by delivering real-time, contextual threat intelligence for domains, URLs, and IPs. Our proprietary machine learning models ingest not only content, but thousands of factors to provide nuanced threat assessments, including indicators like DGA probability, phishing risk, and other behavioral signals unavailable from legacy providers.

alphaMountain empowers security teams with faster, more confident decision making. Benefits include high-fidelity risk ratings, contextual enrichment for investigations, rapid detection of newly observed threats, and a single API that consolidates data types typically scattered across multiple sources to save you time, budget, and integration effort.

alphaMountain leverages proprietary LLMs for both categorization and risk scoring. These combine live web crawling, global telemetry, DNS and other exclusive input sources. Our models are continuously updated with millions of observations daily to maintain high accuracy and real-time relevance in dynamic threat environments.

alphaMountain offers flexible licensing based on usage volume and deployment needs, whether for commercial platforms, internal SOCs, or managed service providers. We support both consumption and royalty-based models, with granular, transparent pricing and no restrictive terms that limit scale or innovation.

alphaMountain integrates seamlessly via with SIEM, SOAR, TIP, and XDR platforms. The API design ensures quick time to value and enriches alerts with context that improves investigation outcomes. Integration can immediately enhance phishing detection, domain risk scoring, and automated incident response workflows.

alphaMountain is designed for easy, developer-friendly integration. Our RESTful API provides clear, predictable responses and supports SDKs and connectors for popular security platforms such as Splunk Enterprise, Cisco XDR, Tines, Swimlane and more. Most clients complete their initial integration in under a day, and our team is available to assist every step of the way.

You can deploy alphaMountain data in a number of ways depending on your use case. Our API returns data in milliseconds and is used in individual and bulk queries in addition to updating our feeds. Additionally, the database or portions thereof can be installed locally in your solution and updated at preset intervals.

Our data is updated in near real time as new hosts are discovered or updated. Our threat intelligence feeds are updated hourly. New domains, URLs, and IPs are scored and classified as they are discovered, often within seconds of initial observation. This ensures customers receive fresh, accurate threat assessments even for newly registered or rapidly changing entities.

Yes. We offer comprehensive, developer-friendly documentation covering every API endpoint, and data field. In addition, our support team is available to assist with implementation, tuning, and threat intelligence use case development to ensure your integration is successful.