# Securitytrails AI integration on Definable

> SecurityTrails is a cybersecurity platform providing comprehensive domain, IP, DNS, and WHOIS intelligence data.

## What this connects

SecurityTrails is a cybersecurity platform providing comprehensive domain, IP, DNS, and WHOIS intelligence data. It offers historical DNS records, subdomain discovery, WHOIS history, associated domains, passive DNS datasets, and website technology detection to support threat hunting, brand protection, cyber forensics, and attack surface management.

Vendor: https://securitytrails.com/

## Tools available

**12** tools available. First 12:

- `SECURITYTRAILS_BULK_STATIC_ASSET_RULES` — Bulk Static Asset Rules — Bulk add or remove static asset rules for a SecurityTrails ASI project. Static asset rules define which domains/IPs are included or excluded from the project's monitoring scope. This operation processes up to 1000 rules (combined add + remove) per request. The API processes rules asynchronously, waiting up to 2 seconds for completion. If processing takes longer, task_ids are returned for status polling. Note: Requires a valid project_id from the List Projects endpoint. Use the Get Static Assets endpoint to verify changes after bulk operations complete.
- `SECURITYTRAILS_GET_COMPANY_ASSOCIATED_IPS` — Get Company Associated IPs — Tool to retrieve IPs associated with a company domain. Use when you need to find all IP addresses linked to an organization's domain name.
- `SECURITYTRAILS_GET_DOMAIN` — Get Domain Details — Retrieves comprehensive domain information from SecurityTrails including current DNS records, infrastructure details, and statistics. This tool fetches detailed DNS data (A, AAAA, MX, NS, SOA, TXT records) along with metadata about when records were first seen, which organizations own the infrastructure, and how many other domains share the same servers. Useful for domain reconnaissance, infrastructure mapping, security analysis, and understanding domain configurations. Returns structured data with typed fields for easy programmatic access by AI agents.
- `SECURITYTRAILS_GET_DOMAIN_SSL` — Get Domain SSL — Tool to fetch current and historical SSL certificate details for a hostname. Use when you need to retrieve SSL data after identifying the domain. Coverage limited to certificates indexed by SecurityTrails; private, internally-issued, or very recently issued certificates may be absent.
- `SECURITYTRAILS_IP_SEARCH_STATISTICS` — IP Search Statistics — Fetch aggregated statistics for IP addresses matching a DSL query. Returns top open ports by frequency, common reverse DNS patterns, and total count. Useful for analyzing IP infrastructure patterns, port distributions, and PTR records across specific IP ranges or reverse DNS domains.
- `SECURITYTRAILS_LIST_PROJECTS` — List ASI Projects — Tool to list ASI projects available to the account. Use when you need project IDs for subsequent ASI operations.
- `SECURITYTRAILS_PING` — Ping — Tool to test authentication and connectivity with the SecurityTrails API. Use after configuring API key.
- `SECURITYTRAILS_SCROLL` — Scroll Results — Tool to continue scrolling through DSL search results. Use after receiving a scroll_id from SECURITYTRAILS_SEARCH_IPS or SECURITYTRAILS_SQL_API_EXECUTE_QUERY to fetch the next batch of data. Call iteratively until no scroll_id is returned to retrieve all pages.
- `SECURITYTRAILS_SEARCH_IPS` — Search IPs — Tool to search IP addresses via SecurityTrails DSL. Use when you need to filter IPs with custom DSL queries. Results are paginated; use SecurityTrails scroll mechanisms for large result sets to avoid missing assets.
- `SECURITYTRAILS_SQL_API_EXECUTE_QUERY` — SQL API Execute Query — Execute SQL-like queries against SecurityTrails data. Query the 'hosts' table for domain/DNS information or the 'ips' table for IP address/ASN/port data. Returns up to 100 records per request with a scroll ID for pagination. Supports standard SQL syntax (SELECT, WHERE, AND, OR, IN, IS NULL) but does NOT support LIMIT clause.
- `SECURITYTRAILS_SQL_API_SCROLL_RESULTS` — SQL API Scroll Results — Tool to fetch next page of SQL query results. Use after obtaining scroll_id from initial SQL API response.
- `SECURITYTRAILS_TEMP_SCRAPE_SECURITYTRAILS_USAGE` — Temp Scrape Securitytrails Usage — Retrieve account usage information from the SecurityTrails API. This action fetches the current monthly usage and allowed monthly usage limits for your SecurityTrails API account. Use this to monitor your API quota consumption. Returns: On success (200): - current_monthly_usage: Your current API usage for the month - allowed_monthly_usage: Your total allowed monthly API quota On error: - status_code: HTTP status code - response_text: Error message from API

## Auth

Auth schemes: `API_KEY`.

## How agents use Securitytrails

Inside a Definable workflow, Securitytrails is one of the tools the **Distributor specialist** can call. Example coordination patterns:

- **Researcher → Securitytrails** — the Researcher (GPT-5.5) pulls context from Securitytrails (records, threads, documents), synthesises findings, and briefs the rest of the team.
- **Writer → Distributor → Securitytrails** — the Writer (Claude Opus 4.7) drafts copy in brand voice, the Verifier passes it, then the Distributor writes the result into Securitytrails (create record, post message, draft email).
- **Designer / Engineer → Distributor → Securitytrails** — the Designer ships an asset or the Engineer ships a code change, the Distributor delivers it via Securitytrails (attach file, open PR comment, post status).

The Verifier checks every Securitytrails call. On rate limit, schema drift, or auth refresh it self-heals and retries — the workflow completes without manual intervention.

## Categories

- security & identity tools — https://definable.ai/apps/category/security-&-identity-tools/
- developer tools — https://definable.ai/apps/category/developer-tools/

## Related

- HTML page: https://definable.ai/apps/securitytrails/
- Same category (security & identity tools): https://definable.ai/apps/category/security-&-identity-tools/
- All integrations: https://definable.ai/apps/
- Workflow (multi-agent loop): https://definable.ai/workflow/
- Apps llms.txt index: https://definable.ai/llms-apps.txt