Welcome “Examine API” into the Cisco Cloud Safety API expertise
Builders and engineers can now leverage the brand new Umbrella API authentication to create API keys. This contains entry to Examine API alongside different Umbrella APIs, using a contemporary OAuth2 mechanism. Beforehand, the method for authenticating the Examine API concerned producing a selected Examine API token (fundamental authentication) by way of the Examine part within the person interface.
Cisco clients and companions may extensively make the most of the Examine API to boost the info of their Safety Info and Occasion Administration (SIEM) methods, menace intelligence platforms, or incident administration workflows. This permits them to promptly determine essential safety occasions and supply further info for safety analysts and incident responders. The Examine API can be a elementary element in main integrations, akin to Cisco XDR.
Within the screenshot beneath you’ll be able to see how one can now set the outline for the associated API Key within the Umbrella dashboard.
If we have in mind circumstances the place shoppers combine Umbrella with numerous 3d celebration platforms, descriptions can present readability as to using associated API credentials. For instance, you’ll be able to add an outline like “Examine API Key with Learn/Write admin scope for Splunk.”
Limit API entry from particular IPs
Limiting API entry for a given API Key to a selected IP tackle or vary of addresses is now attainable. This vital safety enhancement ensures that buyer API requests originate solely from safe and licensed places. DevSecOps groups and directors can now implement that these requests are made completely from designated IP addresses or ranges and work with each IPv4 and IPv6 sources.
A couple of extra API updates
Strive these updates within the DevNet Sandbox
Give it a attempt! Play with these updates utilizing the Umbrella DevNet Sandbox.
Share: