Strobesstrobes
Platform · API & Developers

BuildonStrobeswithaCompleteAPI

Full REST API access, webhook support, and SDK tooling. Everything your team needs to extend Strobes AI into your security operations stack.

Strobes AI is built API-first. Every feature available in the platform is available through the API. Build custom integrations, automate complex workflows, and embed exposure data wherever your team works. Whether you're piping findings into a custom dashboard or triggering remediation from your CI/CD pipeline, the API gives you full programmatic control.

Build on Strobes
Read the Docs
0+ REST APIs
0CVEs in Intel API
0Query & mutation ops
0SDK + Pipelines
The Problem

Securitytoolsareblackboxeswithnoextensibility.

Most security platforms treat their API as an afterthought: limited endpoints, poor documentation, and no SDK support. Teams that need custom integrations, automated workflows, or embedded security data are stuck with manual workarounds.

  • Data trapped in silos: no programmatic way to extract findings, risk scores, or remediation metrics for custom reporting
  • No event-driven architecture: teams resort to polling or manual checks instead of reacting to security events in real time
  • Custom integrations are fragile, built on undocumented APIs that break with every platform update
  • Developer experience is an afterthought: no SDKs, no code examples, no sandbox for testing

Security platforms should be platforms. Extensible, programmable, and developer-friendly.

Developer Experience

Real code, real endpoints

Explore the Strobes API ecosystem: GraphQL platform access, vulnerability intelligence, automation pipelines, and custom scanner connectors.

Full platform access via GraphQL — query and mutate assets, findings, engagements, and assessments.

Base{host}/api/graphql/
POST/api/graphql/

Query All Findings

Fetch paginated findings with cursor-based pagination, filtering by severity, state, and organization.

1from strobes_gql_client import StrobesGQLClient
2 
3client = StrobesGQLClient(
4    host="app.strobes.co",
5    api_token=os.environ["STROBES_API_TOKEN"]
6)
7 
8# Query all critical open findings
9result = client.execute_query(
10    "allBugs",
11    organizationId=org_id,
12    searchQuery="severity:critical state:open",
13    orderBy="-severity",
14    page=1,
15    pageSize=50
16)
17 
18for bug in result["allBugs"]["objects"]:
19    print(f"{bug['title']} — {bug['severity']}")
GraphQL + REST|30+ query & mutation operations|390K+ CVE database|Python SDK|Serverless pipelines
API Ecosystem

Everything in the platform, available programmatically

GraphQL Platform API

Full platform access via GraphQL at /api/graphql/. Query and mutate assets, findings, engagements, and assessments. Cursor-based pagination, bulk operations (update, assign, tag, delete), and real-time data. Authenticated with scoped API tokens.

Intel REST API

Vulnerability intelligence API at intel.strobes.co with 390K+ CVEs. Public endpoints for CVE lookup, EPSS scores, CISA KEV data, and threat actor tracking. Licensed endpoints for bulk downloads and advanced filtering. No SDK required, just standard HTTP.

Automation Pipelines

Serverless Python functions that run inside Strobes. Implement run_pipeline(input) to process findings with full access to CVE intelligence, asset context, and prefetched data. Adjust severity, enrich descriptions, calculate custom risk scores, and enforce business logic.

Custom Connectors

Import findings from any scanner or tool via the Script Executor. Implement a run() function that returns normalized assets and vulnerabilities with deduplication keys. Supports 222 asset types across cloud (AWS, Azure, GCP), network, web, and code.

Getting Started

From API token to production integration in minutes

Step 01 / 04
01

Generate API Token

Create a scoped API token from the Strobes dashboard. Set environment variables STROBES_API_TOKEN and STROBES_ORGANIZATION_ID. Token-based auth via Authorization header, or JWT login via /api/v1/login/.

Step 02 / 04
02

Install the SDK

Clone strobes-gql-client from GitHub and install with pip. The SDK wraps GraphQL operations with sgqlc: typed queries, mutations, and cursor pagination out of the box. Or use raw HTTP with any language.

Step 03 / 04
03

Query & Mutate

Use execute_query() for reads (allBugs, allAssets, allEngagements) and execute_mutation() for writes (bulkUpdate, bulkAssignment, addComment). The Intel REST API needs no SDK, just standard GET/POST with JSON.

Step 04 / 04
04

Extend with Pipelines

Write Python pipeline functions that process every finding as it flows through Strobes. Access prefetched CVE data, CWE context, asset metadata, and EPSS scores. Return a dict of fields to update. Strobes handles the rest.

What Teams Build

One API. Endless ways to extend it

Custom Dashboards

Build internal dashboards that combine Strobes exposure data with your own business context. Pull findings, risk scores, and remediation metrics via GraphQL into Grafana, Datadog, or custom web apps. Example: A security team builds a Grafana dashboard that combines Strobes risk scores with deployment frequency from their CI/CD platform, showing how release velocity correlates with exposure.
Open Source

Official GitHub repositories

Clone, fork, and contribute. All client libraries, cookbooks, and pipeline examples are open source.

strobes-co/strobes-gql-client
Public

Official Python GraphQL client for the Strobes platform. Typed queries, mutations, cursor pagination, and JWT auth helpers built on sgqlc.

PythonGPL-3.0
strobes-co/strobes-cookbook
Public

Ready-to-use scripts for asset validation, vulnerability CSV import, AWS cloud asset sync, CI/CD integration, and Custom Connector development.

PythonMIT
strobes-co/pipelines-cookbook
Public

Example automation pipeline functions — CVSS severity adjustment, CVE enrichment, exploit prioritization, SLA calculation, and CWE categorization.

PythonMIT
Security professional
Customer Story
98%
Triage noise eliminated
WeintegratedStrobesintoourCI/CDpipelineintwodaysusingtheGraphQLclient.ThePythonSDKhandlespaginationandauth,sowejustwritethelogic.OurnightlytriagescriptqueriesallBugs,enrichesfindingswithCMDBdata,andassignsownersautomatically.Whatusedtotakeourteam3hourseverymorningnowrunsin90seconds.

Staff Security Engineer

Security Automation Lead · FinTech Platform

View API Docs
Related Capabilities

Build on the full platform

Platform

Platform Overview

See the complete platform the API exposes.

Connect

Integrations

Pre-built integrations that use the same API.

Execute

Workflows & Automation

Automate workflows with event-triggered hooks and pipelines.

FAQ

Frequently Asked Questions

Developer Resources

Documentation & Code

API Documentation

Complete Intel API reference with endpoint docs and code examples

Python GraphQL Client

Official Python SDK for the Strobes platform GraphQL API

Pipelines Cookbook

Example pipeline functions for finding enrichment and processing

Start building on the Strobes API

Get API access and build the integrations your security operations need. Custom dashboards, CI/CD gates, automated workflows, the full platform is at your fingertips.

Get API Access