FraudGuard.io provides a focused set of APIs designed to solve specific security problems — without forcing you to learn everything at once. This guide groups our APIs so you can quickly choose the right tool for the job.

Our Products

These are the flagship products you’ll see on the FraudGuard landing page. They are higher-level products that may use one or more APIs below under the hood.

  • Offline Threat Database
    Downloadable CSV and SQLite threat intelligence for offline use, air‑gapped environments, firewalls, and internal security pipelines.

  • BotGuard
    Lightweight bot and automation defense using client-side signals and human verification challenges.

  • AccessGuard
    AWS-native access protection using Service Control Policies (SCPs) combined with FraudGuard whitelist and threat intelligence.

  • TrailGuard
    CloudTrail-based monitoring that applies FraudGuard geoblocks, blacklists, and threat feeds to cloud activity.

  • LogGuard AI
    Log ingestion, enrichment, and AI-assisted threat analysis using FraudGuard intelligence alongside the LogGuard APIs.

1. Real-Time IP Reputation (Single Lookups)

Use these APIs when you need a decision for one IP right now — login, signup, checkout, contact forms, or API access.

What they do

  • Risk score
  • Threat classifications
  • Geo, ISP, and organization context
  • Include real-time context from your account’s custom blacklists, whitelists, and geocontrol (country block) settings

Primary APIs

Use this if

  • You need to allow, challenge, or block traffic in real time
  • You’re making per-request security decisions

Recommended starting pointGet Specific IP Reputation v5 (latest)

2. Bulk IP Lookups (Batch Enrichment)

Use these when you need to analyze many IPs at once — logs, exports, investigations, or scheduled jobs.

What they do

  • Enrich hundreds of IPs per request
  • Return reputation, geo, and list context per IP

Primary APIs

3. User History Check (Login / Account Risk Signals)

Use these APIs when you want account-level signals. This is ideal for detecting unusual login patterns, repeated attempts, or sudden location/IP changes for a specific user.

What they do

  • Store and retrieve recent login history for a user
  • Support “user history check” workflows (risk signals + recommendations)
  • Help you spot anomalies across logins (velocity, repetition, unfamiliar IPs)

Primary APIs

Use this if

  • You want to evaluate risk at the user account level (ATO prevention)
  • You want to combine IP reputation with “is this normal for this user?”

Recommended starting pointPost User History Check

4. Custom Enforcement (Blacklists, Whitelists, Geoblocking)

Use these APIs when you want your own allow/block policy layered on top of FraudGuard intelligence.

What they do

  • Manage custom blacklists and whitelists
  • Apply country-based geoblocking
  • Return list context during lookups

Primary APIs

Use this if

  • You need explicit allow/block rules
  • You want policy enforcement across apps or infrastructure

Recommended starting point → Start with Post Custom Blacklist (v2) + Post Custom Whitelist (v2)

5. Rate Limiting (Abuse & Brute-Force Protection)

Use this when you need to control request volume and stop abuse before it hits your application.

What they do

  • Enforce request limits per IP + identifier
  • Return allow/block decisions with retry timing
  • Protect forms, logins, APIs, and sensitive endpoints

Primary APIs

Use this if

  • You’re stopping brute force or spam
  • You want simple, API-driven rate limiting

Recommended starting point → Create a rule (Rate Limit Rule Creation) and call (Rate Limit Enforce) on each request

6. ThreatWatch (Monitor Specific IPs)

Use this when you want to actively monitor IPs you care about and receive summarized insights.

What it does

  • Tracks activity from monitored IPs
  • Provides analytics on observed behavior
  • Supports alerting workflows

Primary APIs

Use this if

  • You maintain a watchlist
  • You want visibility into known or sensitive IPs

7. Raw Threat Feeds (Firewalls, WAFs, SIEMs)

Use these APIs when you want lists, not lookups — ideal for syncing into enforcement systems.

What they do

  • Deliver raw IP feeds by risk or threat
  • No per-request queries required

Primary APIs

Use this if

  • You’re integrating with firewalls or WAFs
  • You want scheduled sync-based blocking

Recommended starting point → Consider using the Offline Threat Database for production firewall, WAF, or SIEM integrations. Raw threat feed APIs are best reserved for limited or incremental syncs, as offline datasets are significantly more efficient at scale.

8. Advanced Threat Intelligence (ACE Investigation)

Use this when you need to search the attack correlation engine (ACE) dataset itself using precise filters.

What it does

  • Query by ASN, ISP, organization, country, threat, or risk
  • Designed for investigations and analysis
  • Surface aggregated threat patterns and risk signals by country or region

Primary APIs

Use this if

  • You’re researching targeted attacks
  • You need filtered visibility into FraudGuard ACE data

9. LogGuard AI (Logs → Enrichment → AI Review)

Use this when your workflow is to upload logs and investigate AI-flagged threats.

What it does

  • Ingests log files
  • Enriches IPs with FraudGuard intelligence
  • Flags suspicious activity for review

Primary APIs

More about the product: https://fraudguard.io/logguard-ai

Use this if

  • You want AI-assisted log analysis
  • You’re investigating historical activity

10. Offline Threat Database (No Live API Required)

Use this when you need downloadable threat intelligence for offline or air-gapped environments.

What they do

  • Provide SQLite or CSV threat datasets
  • No live queries or data sharing required

Primary APIs

Use this if

  • You want local processing
  • You’re syncing into internal systems
  • You do not want to send logs, traffic, or sensitive metadata outside your environment.

Helper APIs (Reporting & Recent History)

These are lightweight utilities that make FraudGuard easier to operate, monitor, and integrate.

Primary APIs

Use this if

  • You want visibility into usage trends and API activity
  • You want a quick “recent IPs” feed tied to risk or list type for auditing and workflows

📘 Further Reading

Here are some concrete examples and essential resources to review:

If you have questions or want help choosing the right API, reach us anytime at hello@fraudguard.io.