Skip to content

APIs, Feeds & SDKs

Open Access CORS Enabled STIX 2.1

Everything QIF produces is available as open data. 161 threat techniques, 24 BCI devices, 38 brain regions, 13 physics constraints, STIX 2.1 threat bundles, and a live intelligence feed from 74+ sources. Use the unified JSON API, the Python SDK, or raw data feeds to integrate into your own security platforms, research pipelines, and BCI firmware.

Static JSON, generated at build time. No authentication required. Cache-friendly (1 hour TTL). Free to use in your own research, tools, or applications.

Unified Endpoint

GET /api/qif.json

Returns the complete QIF dataset as a single JSON object.

curl https://qinnovate.com/api/qif.json

Content-Type

application/json

Cache

public, max-age=3600

CORS

Access-Control-Allow-Origin: *

Auth

None required

Response Structure

{
  "version": "1.0",
  "generated": "2026-02-21T...",
  "hourglass_bands": [...],        // 11 QIF bands (shared key)

  "threats": {
    "techniques": [...],           // 161 TARA attack techniques
    "categories": [...],           // 8 attack categories
    "tactics": [...],              // TARA tactics
    "stats": {...},                // Severity, status, NISS breakdowns
    "tara_stats": {...},           // Dual-use, FDA, consent tier stats
    "dsm5_stats": {...},           // Diagnostic cluster stats
    "physics_feasibility": {...},  // Physics tier distributions
    "neurorights": {...},          // Cognitive liberty impact stats
    "regulatory": {...}            // FDORA coverage stats
  },

  "devices": {
    "inventory": [...],            // 24 BCI devices (merged specs)
    "stats": {...}                 // Device counts, channel ranges
  },

  "brain_atlas": {
    "regions": [...],              // 38 brain structures
    "device_mappings": [...],      // Device-to-region links
    "neural_latency": [...],       // Response time windows
    "physics_constraints": [...]   // Per-band thermal/EM limits
  },

  "physics": {
    "constraints": [...],          // 13 BCI Limits Equation constraints
    "categories": [...],           // 5 constraint categories
    "constants": [...],            // 14 physical constants
    "validation": {...}            // Cross-validation results
  },

  "specs": {
    "niss": {...},                 // NISS scoring specification
    "tara": {...},                 // TARA specification
    "dsm5": {...}                  // DSM-5 bridge specification
  }
}

Cross-referencing: Everything links through QIF hourglass band IDs. A threat technique targets bands, bands map to brain regions, brain regions map to devices, devices have physics constraints. One graph.

Python SDK

Install the official TARA SDK to load the registry, filter techniques, and export to STIX format. 

pip install qtara
from qtara import TaraRegistry

registry = TaraRegistry.load()
techniques = registry.get_techniques()
print(f"Loaded {len(techniques)} mappings")

# Filter by severity
critical = [t for t in techniques if t.severity == "critical"]

# Export to STIX 2.1
bundle = registry.to_stix()
bundle.save("tara-bundle.json")

PyPI Package

pypi.org/project/qtara

Source Code

shared/qtara/ on GitHub

STIX 2.1 Threat Feed

All 161 TARA threat techniques are available as a STIX 2.1 bundle for integration with threat intelligence platforms (MISP, OpenCTI, Splunk ES, Microsoft Sentinel).

GET /api/stix.json

Returns a STIX 2.1 Bundle with attack-pattern objects for every TARA technique. Public, CORS-enabled, cached 1 hour.

# Count attack patterns
curl -s https://qinnovate.com/api/stix.json | jq '.objects | length'

# Python SDK
pip install qtara
python -m qtara stix --output tara-bundle.json

# Import to OpenCTI / MISP
curl -o tara-stix.json https://qinnovate.com/api/stix.json
# OpenCTI: Data > Import > STIX 2.1 Bundle
# MISP: Event Actions > Add STIX 2.1
# Splunk ES: Threat Intelligence Management
# Microsoft Sentinel: Threat Intelligence blade

Bundle Contents

Identity object — Qinnovate as the source organization

161 Attack Patterns — One per TARA technique, with kill chain phases, severity, band mapping, and dual-use classification

Custom Properties x_qif_severity, x_qif_bands, x_qif_dual_use

STIX 2.1 Feed JSON TARA Registrar JSON

All TARA techniques are mapped to MITRE-compatible IDs (QIF-T0001+) and include NISS v1.1 impact vectors for neural risk scoring.

Intel Feed

Automated intelligence aggregator crawling 74+ RSS feeds and Google News queries across neurotechnology, BCI security, medical devices, regulatory, and research domains. Updated weekly via GitHub Actions.

773
Items Tracked
55
Unique Sources
Weekly
Update Cadence

Pipeline

  1. 74+ RSS feeds and Google News queries are crawled weekly
  2. Items are filtered by 90+ relevance keywords (BCI, neurosecurity, medical device, etc.)
  3. Fuzzy deduplication removes near-duplicates (trigram Jaccard similarity)
  4. New items are tagged by category, source, and topic
  5. Feed accumulates over time (no rolling window)

Schedule: Every Sunday at 17:00 UTC via GitHub Actions.
Manual: npm run fetch-intel
Data: src/data/bci-intel-feed.json

Browse Intel Feed

Search, filter, and explore the full feed

KQL Data Lake

Query BCI devices, threats, and landscape data

Source Categories

Tech Journalism

TechCrunch, Wired, The Verge, MIT Tech Review

Biotech & MedTech

STAT News, Fierce Biotech, MedCity News

Academic & Research

arXiv, Nature Neuroscience, IEEE Spectrum, JNER

Security & Standards

NIST Cybersecurity, CISA Advisories, FDA MedWatch

Financial & VC

GlobeNewswire, PR Newswire, Google News neurotech VC

Google News Queries

BCI, Neuralink, MIND Act, neural startups, neurotech patents

Usage Examples

JavaScript / TypeScript

const res = await fetch('https://qinnovate.com/api/qif.json');
const qif = await res.json();

// Get all critical threats targeting cortical implants
const corticalDevices = qif.devices.inventory
  .filter(d => d.deviceType === 'Cortical BCI');

const corticalBands = [...new Set(
  corticalDevices.flatMap(d => d.qifBands)
)];

const criticalThreats = qif.threats.techniques
  .filter(t => t.severity === 'critical')
  .filter(t => t.bands.some(b => corticalBands.includes(b)));

console.log(criticalThreats.length, 'critical threats');

Python (qtara SDK)

from qtara import TaraRegistry

registry = TaraRegistry.load()

# Find all dual-use techniques (attack == therapy mechanism)
dual_use = [t for t in registry.get_techniques() if t.dual_use]
print(f"{len(dual_use)} dual-use techniques")

# Export critical threats as STIX 2.1
critical = registry.filter(severity="critical")
bundle = critical.to_stix()
bundle.save("critical-threats.json")

Python (requests)

import requests

qif = requests.get('https://qinnovate.com/api/qif.json').json()

# Find devices that target the hippocampus
hippo_devices = [
    m['device_id']
    for m in qif['brain_atlas']['device_mappings']
    if 'hippocampus' in m.get('target_regions', [])
]

# Get physics constraints for those devices
for dev in qif['devices']['inventory']:
    if dev['id'] in hippo_devices:
        print(f"{dev['name']}: {dev['thermalBudget']}")

curl + jq

# Count threats by severity
curl -s https://qinnovate.com/api/qif.json \
  | jq '.threats.stats.severity'

# List all device names
curl -s https://qinnovate.com/api/qif.json \
  | jq '[.devices.inventory[].name]'

# Get STIX 2.1 attack pattern count
curl -s https://qinnovate.com/api/stix.json \
  | jq '.objects | length'

# Get physics constants
curl -s https://qinnovate.com/api/qif.json \
  | jq '.physics.constants'

All Endpoints

GET /api/qif.json

Complete QIF dataset. Threats, devices, brain atlas, physics, specs. Recommended for new integrations.

GET /api/stix.json

STIX 2.1 bundle. 161 attack-pattern objects with kill chain phases, severity, and band mapping.

GET /api/tara.json

TARA threat techniques only. Same data as qif.json > threats section.

Raw Data (GitHub)

TARA Registrar shared/qtara-registrar.json
Intel Feed Cache src/data/bci-intel-feed.json
Intel Sources src/data/intel-sources.json