Re: Secure Endpoint API v3 how to obtain file analysis and file trajec

IlhamRamadhan50266 · ‎07-09-2023

Hi, we'd like to obtain the file analysis and file trajectory information from Secure Endpoint. From the file analysis page, we'd like to get the threat score and behavioral indicator detail along with the network profile from the file trajectory page (both screenshots are attached). However, looking at the API documentation here https://developer.cisco.com/docs/secure-endpoint/ there's no information about this. Is there any way for us to get these data?

Thanks

Ken Stieers · ‎07-10-2023

File Analysis info comes from Secure Malware Analytics (aka ThreatGrid)... get a "Device Admin" account over there and you should be able to lookup samples your devices submit, that's a separate API... https://developer.cisco.com/threat-grid/
I don't see any way to get file trajectory... but you could bounce the SHA against the SecureX CTR API and let it tell you where it saw it. https://developer.cisco.com/threat-response/

Secure Endpoint API v3 how to obtain file analysis and file trajectory

[Secure Endpoint] Postmanを使ったSecure Endpoint API v3のテスト方法

[Secure Endpoint] Postmanを使ったSecure Endpoint API v3のExclusion追加方法

Secure the Private Access with File Inspection and File Type controls

Copy Rommon files from switch to other one

Cisco Secure Access : Signature file update の設定を0daysにするとポスチャ検査が失敗