Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
8212
Views
10
Helpful
5
Replies

Cisco Talos IP Reputation API Integration

BalajiNagarajan
Level 1
Level 1

‎02-08-2023 09:47 PM

Hello,

I need to integrate the cisco talos IP reputation for validating multiple IPs and send mail.

Does Cisco Talos provide API for it?

5 people had this problem
0 Helpful
5 Replies 5

balaji.bandi
Hall of Fame
Hall of Fame

‎02-09-2023 11:06 AM - edited ‎02-09-2023 11:07 AM

i used before long back as below :

https://docs.ces.cisco.com/docs/api-developer-documentation

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Brian Sak
Cisco Employee
Cisco Employee

‎02-17-2023 08:51 AM

You can use the SecureX APIs to get disposition from the integrated Talos threat intelligence feed.  https://ciscosecurity-sx-00-integration-workflows.readthedocs-hosted.com/en/latest/threatresponse/query_tr.html

Nicholas Penning
Level 1
Level 1
In response to Brian Sak

‎02-24-2023 10:41 AM

Does it required a paid account or business account with Cisco needed to use SecureX APIs?

0 Helpful

JonathanY
Level 1
Level 1
In response to Brian Sak

‎06-22-2023 11:27 AM

May I know if this is the only solution to get Talos intelligence observable reputation? 

If below api doesn't work anymore? As I already get Response [403].

GET 

('https://talosintelligence.com/sb_api/query_lookup', data={"query": "/api/v2/details/ip/", "query_entry": ip_addr, "offset": 0, "order": "ip asc"}, headers={'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.31 Safari/537.36', 'referer': 'https://talosintelligence.com/reputation_center/lookup?search=' + ip_addr})
0 Helpful

Brian Sak
Cisco Employee
Cisco Employee
In response to JonathanY

‎06-23-2023 02:43 PM

There isn't a published public API for reputation off of the talosintelligence.com site. You can run a query off of the website (https://talosintelligence.com/reputation_center/lookup?search=4.2.2.1), but not through an API interface. The SecureX APIs mentioned in this thread will allow you do essentially do the same thing through the Talos Intelligence integration.

0 Helpful
Customers Also Viewed These Support Documents