Delivery & integration#

Ways to consume HashWatch verified known-good hashes in your own tooling. Everything here works against the public surface — no account is required (an API key only widens the CLI from the public feed to the full known-good corpus).

  • CLI & CI/CDhashwatch verify a file, a URL, or a digest; fail a pipeline on unverified artifacts.
  • Pull feeds — JSON, RSS, STIX 2.1, and a TAXII 2.1 server.
  • SIEM & EDR — point Splunk / Elastic / Sentinel / QRadar at the feeds as a known-good allowlist.

All feeds link the signed transparency root so you can verify the data was not tampered with.

Backward Transparency Log CLI & CI/CD Forward