CybelAngel’s API

Combine day-to-day efficiency and comprehensive coverage

We believe data leak detection shouldn’t be a standalone product in your cybersecurity toolstack. It should integrate with your cybersecurity ecosystem, seamlessly. As organizations use an average of 47 different tools as part of their cybersecurity operations, every integration paves the way to simpler workflows.*

That’s why CybelAngel’s API allows integration to all Security Orchestration, Automation and Response (SOAR), IT Service Management (ITSM) and Security Information and Event Management (SIEM) platforms like ServiceNow, IBM Q-Radar and Resilient, Jira ServiceDesk or Splunk. 

Thanks to our API, you will be able to:

• Scale your digital risk protection by integrating real-time, zero false-positive data leak detection capacities with your existing toolstack. 
• Streamline your incident response by building simplified workflows.
• Enrich your threat intelligence strategy by correlating CybelAngel incidents with alerts from other digital risk management solutions.

*source: Ponemon, The Cybersecurity Illusion: The Emperor Has No Clothes, 2019

What is CybelAngel’s API?

As a refresh, API stands for Application Programing Interface. An API is a software-to-software interface, not a user interface. With APIs, applications talk to each other without any user knowledge or intervention. An API gives the application access to the data of another application. Concretely, it permits reuse of a tool or data that already exists.

CybelAngel’s delivery platform is built on top of a fully documented RESTful API available on demand. It allows for a lightweight, efficient, yet robust integration. CybelAngel’s API enables a frictionless integration of CybelAngel’s capacities with your existing IT and cybersecurity toolstack. It allows for your SOAR, ITSM or SIEM platforms to display and use data from CybelAngel’s Incident Reports, without additional manipulation once the initial setup is done. 

You can use the API to automate cybersecurity workflows such as:

• Leaked credentials detected by CybelAngel trigger a password change from your orchestrator.
• Suspicious domains flagged by CybelAngel are automatically blacklisted in your firewall.

If you are a ServiceNow user, we already have the connector ready for you to use. Learn more about it here

No loss of information, less menial work for your operational teams.

How does CybelAngel's API work?

Among other back-office features, the API allows you to:

• Retrieve, manage, resolve all Incidents Reports.
• Map Incidents detected in CybelAngel to events in your SOAR, ITSM or SIEM platforms. 
• Consult comments in Incident Reports.

All fields of incident reports are available in the form of structured data. You can customize the streams of data you wish to use based on your needs. API access is secured using the standard OAuth2 authentication. 

Do I need dedicated resources to set up and operate CybelAngel’s API?

It depends. Getting access to the API is straightforward, as you can see below. Still, to fully benefit from the API’s potential, you will probably want to build custom connectors to integrate CybelAngel with your other platforms.

Complexity of setup can depend on your current toolstack and configuration. Our technical team will remain available to assist you.

Note that our technical team can help develop custom connectors on demand, and upon quotation. We can also help refer to partners to build such connectors. Please contact your Customer Success Manager.

Sounds great, how do I get started?

On the Enterprise plan, your subscription includes an API access. On the Standard plan, API access can be provided on demand, and upon quotation: reach out to your Customer Success Manager.

To start using the API, it’s very easy:

1. Contact our Support team to obtain your credentials. You will be communicated with a client_id and a client_secret that will allow you to fetch tokens for our API. These tokens expire after several hours.
2. Request CybelAngel’s API from your ITSM or SIEM interface following your vendor’s instructions. 
3. You will be able to synchronize the data from CybelAngel with your ITSM or SIEM solution.

For further information, access the technical documentation from the following url: https://developers.cybelangel.com/ . 

Note that our technical team can help develop custom connectors on demand, and upon quotation. We can also help refer to partners to build such connectors. Please contact your Customer Success Manager.