Threat Intelligence Database

OPTIC

Every finding tied to its source

Search adversary activity, malware, techniques, and victim targeting in one place, with the source text preserved so you can verify every claim before you use it.

Why this is useful

What you can trust and work with

1,078 articles · 981 current extractions · 4 data sources · Mar 28, 2026
Verifiable sourcing

Most extracted findings can be checked against preserved source text

For an analyst, this is the core question: can you validate the database quickly instead of re-reading every report from scratch?

Findings with source quotes
40,122 of 40,476 extracted findings preserve source text, so you can verify the claim instead of trusting a summary.
99.1% · 354 findings require source review
Directly stated in the source
32,081 of 40,476 findings come from explicit language in the report, helping you separate stated facts from inferred context.
79.3% · 8,395 require analyst judgment
Current coverage

Actor attribution and sector targeting remain strong across the latest extracted corpus

These coverage rates tell you whether the current searchable corpus supports actor tracking and targeting analysis, not just isolated lookups.

Reports with named threat actors
650 of 981 extracted reports include a normalized actor reference, which makes actor-centric pivots useful rather than sparse.
66.3% · 331 reports without actor context
Reports with sector targeting
700 of 981 extracted reports identify victim sectors or industry targeting, which supports campaign scoping and sector research.
71.4% · 281 reports without sector detail
Searchable IOCs
15,617

Enough indicator depth for enrichment, hunting pivots, and historical lookups across the latest extracted corpus.

15.9 searchable IOCs per extracted report
Connected relationships
2,607

Linked actors, malware, techniques, victims, and infrastructure let you move from one fact to the next without rebuilding the chain by hand.

2.7 linked relationships per extracted report
Research pivots

Malware leads the database, with strong actor, ATT&CK, and CVE coverage across all sources

This mix shows whether the database helps with adversary profiling, technical analysis, and vulnerability context, not just IOC storage.

Malware 2,697
Actors 939
ATT&CK 479
CVEs 646
Usable coverage

Most ingested articles already have a current extraction in the searchable corpus

The archive is ahead of the latest extraction pass, but the searchable slice already covers the vast majority of ingested articles.

Articles with current extractions
981 of 1,078 ingested articles currently have a latest extraction record in Postgres. The remaining 97 are loaded in the archive but still need a current extraction pass.
91.0% · 97 articles pending extraction
Current extraction coverage 981
Ingested without current extraction 97
Source mix

Article inventory is now distributed across four ingested data sources

This horizontal bar measures total ingested article volume by source. Extraction coverage above shows how much of that inventory already has a current normalized result.

Google/Mandiant 402 articles · 37.3%
Cisco Talos 293 articles · 27.2%
Microsoft Security 236 articles · 21.9%
CrowdStrike 147 articles · 13.6%
At a glance
Data sources 4
Article inventory 1,078
Current extractions 981
Core strength source-linked findings
Updated Mar 28, 2026