Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
490
Views
0
Helpful
1
Replies

Secure Endpoint API v3 how to obtain file analysis and file trajectory

IlhamRamadhan50266
Level 1
Level 1

‎07-09-2023 09:56 PM

Hi, we'd like to obtain the file analysis and file trajectory information from Secure Endpoint. From the file analysis page, we'd like to get the threat score and behavioral indicator detail along with the network profile from the file trajectory page (both screenshots are attached). However, looking at the API documentation here https://developer.cisco.com/docs/secure-endpoint/ there's no information about this. Is there any way for us to get these data?

Thanks 

 
 
Preview file
129 KB
Preview file
166 KB
0 Helpful
1 Reply 1

Ken Stieers
VIP
VIP

‎07-10-2023 07:37 AM

File Analysis info comes from Secure Malware Analytics (aka ThreatGrid)... get a "Device Admin" account over there and you should be able to lookup samples your devices submit, that's a separate API... https://developer.cisco.com/threat-grid/
I don't see any way to get file trajectory... but you could bounce the SHA against the SecureX CTR API and let it tell you where it saw it. https://developer.cisco.com/threat-response/
0 Helpful
Customers Also Viewed These Support Documents