API Pricing
Three ways to access
Per-Check API
$30 / score
$150 / full scan
$500 / SRA
Contact info@cyberdefenseagent.ai for an API key.
Get API Key →MSP / Reseller
$79/business/mo
25-business minimum
Full API + MCP access. White-label dashboard, multi-tenant management.
MSP Program →Authentication
All authenticated endpoints require an API key passed via the X-API-Key header.
API Key format: cda_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Header: X-API-Key: cda_your_key_here
Contact info@cyberdefenseagent.ai to request an API key.
REST API
API Endpoints
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/scan/run | Start a full scan. Body: { domain, businessName, email } |
| GET | /api/scan/status?id=<id> | Poll scan status and retrieve results |
| POST | /api/quote-request | Submit a cyber insurance quote request |
| POST | /api/leads | Submit a lead for follow-up |
Quick Start
Code Examples
cURL
# Start a scan
curl -X POST https://cyberdefenseagent.ai/api/scan/run \
-H "Content-Type: application/json" \
-H "X-API-Key: cda_your_key_here" \
-d '{"domain": "example.com", "businessName": "Example Corp", "email": "admin@example.com"}'
# Poll for results
curl https://cyberdefenseagent.ai/api/scan/status?id=scan_abc123 \
-H "X-API-Key: cda_your_key_here"Python
import requests, time
API_KEY = "cda_your_key_here"
BASE = "https://cyberdefenseagent.ai"
headers = {"X-API-Key": API_KEY, "Content-Type": "application/json"}
# Start scan
resp = requests.post(f"{BASE}/api/scan/run", headers=headers, json={
"domain": "example.com",
"businessName": "Example Corp",
"email": "admin@example.com"
})
scan_id = resp.json()["id"]
# Poll until complete
while True:
status = requests.get(f"{BASE}/api/scan/status?id={scan_id}", headers=headers).json()
if status["status"] == "complete":
print(f"Score: {status['score']} ({status['grade']})")
break
time.sleep(5)Node.js
const API_KEY = "cda_your_key_here";
const BASE = "https://cyberdefenseagent.ai";
// Start scan
const scanRes = await fetch(`${BASE}/api/scan/run`, {
method: "POST",
headers: { "X-API-Key": API_KEY, "Content-Type": "application/json" },
body: JSON.stringify({
domain: "example.com",
businessName: "Example Corp",
email: "admin@example.com"
})
});
const { id } = await scanRes.json();
// Poll until complete
let result;
do {
await new Promise(r => setTimeout(r, 5000));
const statusRes = await fetch(`${BASE}/api/scan/status?id=${id}`, {
headers: { "X-API-Key": API_KEY }
});
result = await statusRes.json();
} while (result.status !== "complete");
console.log(`Score: ${result.score} (${result.grade})`);Methodology
Scoring Methodology
Category Weights
SPF, DKIM, DMARC configuration and enforcement
Certificate validity, protocol version, cipher strength
CSP, HSTS, X-Frame-Options, Referrer-Policy
DNSSEC, CAA records, zone configuration
Open ports, exposed services, known vulnerabilities
Grade Scale
| Grade | Range | Meaning |
|---|---|---|
| A | 90 – 100 | Excellent — insurance-ready |
| B | 75 – 89 | Good — minor gaps |
| C | 60 – 74 | Fair — may trigger underwriting questions |
| D | 40 – 59 | Poor — likely denial or exclusions |
| F | 0 – 39 | Failing — critical issues |
MCP Server
Model Context Protocol
MCP lets AI assistants like Claude Desktop and Cursor call Cyber Defense Agent tools natively. Add our server to your config and ask your AI to scan any domain.
Claude Desktop / Cursor Configuration
{
"mcpServers": {
"cyberdefenseagent": {
"url": "https://cyberdefenseagent.ai/mcp",
"headers": {
"X-API-Key": "cda_your_key_here"
}
}
}
}Available Tools
get_scoreRetrieve the Cyber Defense Score for a domain
request_quoteSubmit a cyber insurance quote request
check_readinessRun a full readiness assessment
get_industry_benchmarkCompare a score against industry peers
A2A Protocol
Agent-to-Agent Communication
The A2A protocol enables autonomous agents to discover and invoke Cyber Defense Agent skills via a standard agent card and JSON-RPC interface.
Agent Card
Discoverable at https://cyberdefenseagent.ai/.well-known/agent.json
Skills
cyber-scoreReturn the Cyber Defense Score for a domain
full-scanRun a comprehensive external scan
quote-requestSubmit an insurance quote request
readiness-reportGenerate a compliance readiness report
Example JSON-RPC Request
POST https://cyberdefenseagent.ai/a2a
Content-Type: application/json
{
"jsonrpc": "2.0",
"method": "tasks/send",
"id": "1",
"params": {
"id": "task-001",
"message": {
"role": "user",
"parts": [
{ "type": "text", "text": "Get the cyber defense score for example.com" }
]
}
}
}OpenAI GPT
Build a Cyber Defense Agent GPT
Create a custom GPT in ChatGPT that can scan domains, check scores, and submit insurance quote requests using Cyber Defense Agent actions.
GPT Configuration
Name
Cyber Defense Agent
Description
Scan any domain for cyber insurance readiness. Get a Cyber Defense Score, identify vulnerabilities, and request a cyber liability insurance quote.
Instructions
You are a Cyber Defense Agent. When a user provides a domain: 1. Call the scan/run action with the domain. 2. Poll scan/status every 5 seconds until status is "complete". 3. Present the Cyber Defense Score (letter grade + numeric score). 4. Summarize findings by category: Email Auth, TLS, Headers, DNS, Ports. 5. List the top 3 remediation priorities. 6. Offer to submit a cyber liability insurance quote request. Always explain results in plain language. If the user asks about cyber insurance, explain what underwriters look for and how the score affects premiums and eligibility.
OpenAPI Schema for Actions
openapi: "3.1.0"
info:
title: Cyber Defense Agent API
version: "1.0"
servers:
- url: https://cyberdefenseagent.ai
paths:
/api/scan/run:
post:
operationId: startScan
summary: Start a cyber defense scan
requestBody:
required: true
content:
application/json:
schema:
type: object
required: [domain]
properties:
domain:
type: string
description: Domain to scan
businessName:
type: string
email:
type: string
responses:
"200":
description: Scan started
content:
application/json:
schema:
type: object
properties:
id:
type: string
status:
type: string
/api/scan/status:
get:
operationId: getScanStatus
summary: Get scan status and results
parameters:
- name: id
in: query
required: true
schema:
type: string
responses:
"200":
description: Scan status
content:
application/json:
schema:
type: object
properties:
status:
type: string
score:
type: number
grade:
type: string
/api/quote-request:
post:
operationId: submitQuoteRequest
summary: Submit a cyber insurance quote request
requestBody:
required: true
content:
application/json:
schema:
type: object
required: [domain, email]
properties:
domain:
type: string
email:
type: string
businessName:
type: string
revenue:
type: string
industry:
type: string
responses:
"200":
description: Quote request submittedHow to Create Your GPT
- 1.Go to chat.openai.com/gpts/editor
- 2.Set the name, description, and instructions from above
- 3.Under Actions, click “Create new action”
- 4.Paste the OpenAPI schema above
- 5.Under Authentication, select API Key → Header →
X-API-Key - 6.Save and publish your GPT
Integration Options
Four Ways to Integrate
REST API
Standard HTTP endpoints. Any language, any platform. API key authentication.
MCP Server
Native integration with Claude Desktop, Cursor, and any MCP-compatible client.
A2A Protocol
Agent-to-agent communication via JSON-RPC. Discoverable agent card.
OpenAI GPT
Build a custom GPT with cyber insurance readiness actions.
Ready to integrate?
Start with a free scan, or contact us for API access and custom integrations.