Secure Endpoint API v3 how to obtain file analysis and file trajectory
07-09-2023 09:56 PM
Hi, we'd like to obtain the file analysis and file trajectory information from Secure Endpoint. From the file analysis page, we'd like to get the threat score and behavioral indicator detail along with the network profile from the file trajectory page (both screenshots are attached). However, looking at the API documentation here https://developer.cisco.com/docs/secure-endpoint/ there's no information about this. Is there any way for us to get these data?
Thanks
07-10-2023 07:37 AM
File Analysis info comes from Secure Malware Analytics (aka ThreatGrid)... get a "Device Admin" account over there and you should be able to look up samples your devices submit, that's a separate API... https://developer.cisco.com/threat-grid/
I don't see any way to get file trajectory... but you could bounce the SHA against the SecureX CTR API and let it tell you where it saw it. https://developer.cisco.com/threat-response/
