Pulsedive
LAST UPDATED: JANUARY 16, 2026
Overview
Pulsedive is a free analyst-centric threat intelligence platform that offers comprehensive, enriched threat intelligence from user submissions and threat intelligence feeds. This integration enables organizations to check URL or IP reputation.
D3 SOAR is providing REST operations to function with Pulsedive.
Pulsedive is available for use in:
Known Limitations
API pricing and rate limits vary by subscription tier.
.png?inst-v=9d5c883f-2a14-4fb1-ad0d-a8ff2107ecd1)
Refer to the API Pricing and Limits section on API - Pulsedive for detailed information.
Connection
Gather the following information to connect D3 SOAR to Pulsedive.
Parameter | Description | Example |
Server URL | The Pulsedive API server URL. | https://pulsedive.com |
API Key | The Pulsedive API key. An API key is not strictly required to access the API. When no API key is provided in the connection, rate limits are applied for free users based on typical usage patterns. For programmatic access, the use of an API key is recommended. | b631*****0906 |
Configuring Pulsedive to Work with D3 SOAR
Log into Pulsedive.
Click the account name.
Copy the API key on the account overview page.
Refer to step 2 in Configuring D3 SOAR to Work with Pulsedive.
Configuring D3 SOAR to Work with Pulsedive
Log in to D3 SOAR.
Find the Pulsedive integration.
Navigate to Configuration on the top header menu.
Click on the Integration icon on the left sidebar.
Type Pulsedive in the search box to find the integration, then click it to select it.
Click on the + Connection button on the right side of the Connections section. A new connection window will appear.
Configure the following fields to create a connection to Pulsedive.
Connection Name: The desired name for the connection.
Site: The site on which to use the integration connection. Use the drop-down menu to select the site. The Share to Internal Sites option enables all internal sites to use the connection. Selecting a specific site will only enable that site to use the connection.
Recipient site for events from connections Shared to Internal Sites: This field is displayed when Share to Internal Sites is selected for the Site field, allowing selection of the internal site for deploying the integration connection.
Agent Name (Optional): The proxy agent required to build the connection. Use the dropdown menu to select the proxy agent from a list of previously configured proxy agents.
Description (Optional): The description for the connection.
Tenant (Optional): When configuring the connection from a master tenant site, users can choose the specific tenant sites with which to share the connection. Once this setting is enabled, users can filter and select the desired tenant sites from the dropdowns to share the connection.
Configure User Permissions: Defines which users have access to the connection.
Active: The checkbox that enables the connection to be used when selected.
System Reputation Check: Selecting one or more reputation checkboxes will run the corresponding check reputation commands under this integration connection to enrich the corresponding artifacts with reputation details.
For example, an integration connection named "ConnectionA" is configured with the "Sandbox" site. All URL artifacts from the "Sandbox" site will undergo a reputation check using the Check URL Reputation command from that integration. The return data output from this command will then be used to update the risk level of artifacts, which may affect the risk level of incoming events.
System: This section contains the parameters defined specifically for the integration. These parameters must be configured to create the integration connection.
1. Input the Server URL.
2. Input the API Key. Refer to step 3 in Configuring Pulsedive to Work with D3 SOAR.
Enable Password Vault: An optional feature that allows users to take the stored credentials from their own password vault. Refer to the password vault connection guide if needed.
Test the connection.
Click on the Test Connection button to verify credentials and connectivity. A success alert displays Passed with a green checkmark. If the connection fails, review the parameters and retry.
Click OK to close the alert window.
Click + Add to create and add the configured connection.
Commands
Pulsedive includes the following executable commands for users to set up schedules or create playbook workflows. With the Test Command function, users can execute these commands independently for playbook troubleshooting.
Integration API Note
For more information about the Pulsedive API, refer to the Pulsedive API reference.
Check URL Reputation
Retrieves reputation details for the specified URLs.
Input
Input Parameter | Required/Optional | Description | Example |
URLs | Required | The URLs for which reputation information will be retrieved. |
JSON
|
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Check URL Reputation failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Pulsedive portal. Refer to the HTTP Status Code Registry for details. | Status Code: 429. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: API rate limit exceeded: 1 requests per second. Visit pulsedive.com/api to view limits and upgrade your plan. |
Error Sample Data Check URL Reputation failed. Status Code: 429. Message: API rate limit exceeded: 1 requests per second. Visit pulsedive.com/api to view limits and upgrade your plan. |
Test Connection
Allows users to perform a health check on an integration connection. Users can schedule a periodic health check by selecting Connection Health Check when editing an integration connection.
Input
N/A
Output
Output Type | Description | Return Data Type |
Return Data | Indicates one of the possible command execution states: Successful or Failed. The Failed state can be triggered by any of the following errors:
More details about an error can be viewed in the Error tab. | String |
Error Handling
If the Return Data displays Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Test Connection failed. Failed to check the connector. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Azure OpenAI portal. Refer to the HTTP Status Code Registry for details. | Status Code: 429. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: API rate limit exceeded: 1 requests per second. Visit pulsedive.com/api to view limits and upgrade your plan. |
Error Sample Data Test Connection failed. Failed to check the connector. Status Code: 429. Message: API rate limit exceeded: 1 requests per second. Visit pulsedive.com/api to view limits and upgrade your plan. |