Back to Documentation
ADLIBO AI Threat Feed
Firewall Intégration
Block AI attackers at the network perimeter. Automatically feed malicious IPs detected by Adlibo to your firewall.
Prerequisite: AI Threat Feed is a complement to Prompt Guard. Blocklist IPs come exclusively from Prompt Guard détections. Without an active Pro or Enterprise subscription, the blocklist remains empty.
Real-time Updates
New threats added within seconds
Recommended Polling
Every 5 minutes (5min cache)
Universal Format
Plain text, JSON, CSV, PAN-OS
Select Your Firewall
API Endpoint
GET /api/v1/firewall/blocklistParameters
| Parameter | Type | Description |
|---|---|---|
vendor | string | paloalto, fortinet, checkpoint, sophos, cisco, juniper, sonicwall, stormshield |
format | string | plain (default), json, csv, panos |
hours | number | Time window in hours (default: 24) |
severity | string | LOW, MEDIUM, HIGH, CRITICAL (comma-separated) |
min_hits | number | Minimum hit count (default: 1) |
limit | number | Max entries (default: 10000, max: 50000) |
cURL Example
Script / Automation
# Fetch blocklist with authentication curl -H "Authorization: Bearer YOUR_API_KEY" \ "https://www.adlibo.com/api/v1/firewall/blocklist?severity=high,critical&min_hits=3" # JSON format with full détails curl -H "Authorization: Bearer YOUR_API_KEY" \ "https://www.adlibo.com/api/v1/firewall/blocklist?format=json" # Vendor-specific format curl -H "Authorization: Bearer YOUR_API_KEY" \ "https://www.adlibo.com/api/v1/firewall/blocklist?vendor=paloalto"
Best Practices
Poll every 5 minutes
Balance between freshness and API efficiency.
Filter by severity
Use severity=high,critical for serious threats.
Set minimum hits
Use min_hits=3 to avoid blocking one-time offenders.
Test in log mode first
Log-only before blocking to validate.
Need Help?
Our team can help you configuré the intégration with your specific firewall setup.