Cisco: Explore the Threat Intelligence Capabilities in the Threat Grid API
January 23, 2018 at 02:09 pm EST
Cisco Threat Grid offers a powerful combination of automated malware analysis and advanced threat intelligence. Threat Grid is the file analysis backend of all Cisco Advanced Threat Solutions (ATS) products, and is directly usable via a portal account in the cloud deployment or portal access to a local appliance version. What is less well known is the availability of a powerful API that offers access to most Threat Grid functions and information. This allows you, the customer, to integrate advanced analysis capabilities into existing SOC tooling and processes, with minimal development expertise required.
If you're going to be at Cisco Live next week in Barcelona, you can register for the DevNet workshop I am leading. We will be exploring the most basic threat intelligence capabilities of the API. This 45-minute session requires a beginner-level understanding of Python or a similar scripting language, and by the end of it you will be equipped to write scripts that retrieve timely and relevant threat intelligence in formats that are ready for import into popular SOC tools.
If you're not able to join me in Barcelona, stay tuned to this space for updates about this and similar sessions at Cisco Live 2018 in Melbourne and Orlando - or take the recently published, self-guided 'Introduction to the Cisco Threat Grid API Learning Lab.'
Here are some additional links you may find helpful:
Threat Grid introduction at Cisco.com:
Threat Grid YouTube Playlist - This playlist shows several features and use cases of Cisco Threat Grid. The subjects are largely about interactive portal use, but stay tuned for more API content here as well!
Threat Grid online API documentation:
Cisco Systems Inc. published this content on 23 January 2018 and is solely responsible for the information contained herein. Distributed by Public, unedited and unaltered, on 23 January 2018 19:09:03 UTC.
Original document: https://blogs.cisco.com/developer/explore-the-threat-intelligence-capabilities-in-the-threat-grid-api
Public permalink: http://www.publicnow.com/view/0A2D2E3A874A3346AD76D87F81997EDC4D1AEE45