Abstract

Increased pace of Application Programming interfaces (APIs) and third party data feeds have altered the game of cyber threat intelligence, by facilitating automated data exchange and situational awareness. Nevertheless, such external data sources have new vulnerabilities because of the inconsistent quality, unchecked authenticity, and different levels of trustworthiness. Conventional one-dimensional risk appraisals are not usually effective in capturing interchangeable character of threat posed by current data being consumed, leading to incomplete or obsolete security knowledge bases. This paper suggests a risk scoring system that is dynamical to determine the security and reliability of third-party data feeds and APIs in a threat intelligence system. The framework constantly changes risk scores by combining machine learning classifiers, feature detection based on API request metadata, and variable weighting of key risk factors to adapt to changing risk conditions. The validation of the methodology occurs in simulated enterprise settings whereby numerous API feeds are consumed, evaluated and compared with the benchmark of fixed mode models. The findings reveal that dynamic risk scoring methodology enhances much higher predictive accuracy, responsiveness, and operational relevance of cyber threat intelligence dashboards. The study is significant to cybersecurity practice because it provides a model that organizations can use to determine which sources of threat data to prioritize, reduce exposure and increase resilience, which is scalable and adjustable.