The goal is to showcase scenarios where it is an advantage to use available automation and programmability tools.
This is a volunteering initiative run by the Security Programmability Team (SPOT) at Cisco. New episodes will be released weekly.
Learn how these challenges can be overcome through integration and automation.
Getting started
- Threat Hunting with Cisco Security APIs
- Security API Docs
- Getting started with SecureX
I’m looking for information about...
- Enrich and remediate your security events
- Get comprehensive threat intelligence
- Automating configuration and policy management
- Securing your network with automation
- Securing cloud resources and apps
- Integrating with third parties
Enrich and remediate your security events
Add context from Cisco security products and threat intelligence sources automatically so that you know instantly which of your systems were targeted and how. Block suspicious files, domains, and more without having to log in to another product.
- SecureX threat response: Formerly Cisco Threat Response API. Automate the incident response process and manage threat intelligence and security context data in a single location.
- Secure Malware Analytics: Formerly Threat Grid API. This can be used for enrichment. Use indexed and searchable indicators and data for triage, hunting, or threat intelligence.
- Umbrella APIs: The Umbrella Investigate and Enforcement APIs can be used to find emerging threats and block compromising domains.
- ISE ANC: This API can be used for enforcement. Adaptive Network Control (ANC) provides the ability to create network endpoint authorization controls based on ANC policies. This can be used to issue a Change of Authorization (CoA) for an endpoint when a security event has occurred.
- Secure Endpoint: Formerly AMP for Endpoints. This API can be used for enforcement. Collect event data directly from the AMP cloud. You can also take responsive actions by adding file hashes to block lists or moving computers to triage groups.
- Secure Firewall: Formerly Firepower. This API can be used for enforcement. REST-based API for managing Firepower Threat Defense (NGFW) and legacy Firepower devices through a Firepower Management Center (FMC).
-
Get comprehensive threat intelligence
- Talos blogs
- Talos open source
- Talos podcasts
- Learn more about Talos
Automating configuration and policy management
Manage security policy changes across various security products. Centralize network security policy and device management.
- Identity Services Engine: Identity Services Engine (ISE) is an identity and access control policy platform enabling enterprises to enforce compliance, enhance infrastructure security, and streamline their user network access operations.
- Cisco Defense Orchestrator: Cisco Defense Orchestrator (CDO) is a cloud-based management solution that allows you to manage security policies and device configurations with ease across multiple Cisco and cloud-native security platforms.
- Firepower Management Center: Firepower Management Center (FMC) manages Firepower Threat Defense and legacy Firepower devices from a single management platform.
- SecureX threat response: Automate the incident response process and manage threat intelligence and security context data in a single location.
Securing your network with automation
The convergence of security and networking enables organizations to leverage the intelligence and visibility the network provides to make more informed decisions on policy and threats. Network security combines multiple layers of defenses at the edge and in the network.
- Digital Network Architecture: With Digital Network Architecture (DNA), you can create connections never before possible. Integrate devices from any provider. Transform slow, manual processes into fast, automated workflows.
- ISE Monitoring: Monitoring REST API calls allow you to locate, monitor, and accumulate important real-time, session-based information stored in individual endpoints in a network. You can access this information through a Monitoring node.
- Secure Firewall: REST-based API for managing Firepower Threat Defense (NGFW) and legacy Firepower devices through a Firepower Management Center (FMC) and Firepower Device Manager (FDM).
- Secure Network Analytics: Formerly Stealthwatch Enterprise. Advanced threat detection, accelerated threat response, and simplified network segmentation using multilayer machine learning and entity modeling.
Securing cloud resources and apps
Cisco empowers DevSecOps with end-to-end insight and control for every component of your applications - cloud and on-prem infrastructure, Kubernetes, Docker, microservices, and end users.
- App-First Security: Focus on building features by using security guardrails to automate connection tracing, segmentation, behavior analysis, threat detection, forensics, and containment.
- AppDynamics: Build better web and mobile applications with deep performance visibility in test, pre-production, and production environments.
- Secure Access by Duo: Duo offers web services accessible via REST APIs, allowing you to customize the two-factor authentication user interface for your mobile, web, or desktop app.
- Secure Cloud Analytics: Formerly Stealthwatch Cloud. It detects and responds to advanced threats across private and public cloud networks. Get insight and context of applications on the network with high-precision alerts using machine learning, behavioral modeling, and telemetry.
- Secure Workload: Formerly Tetration. Automate micro-segmentation and gain better threat detection and protection with Cisco Tetration.
Integrating with third parties
Accelerate threat hunting and incident response by seamlessly integrating threat response and your existing security technologies. You have the flexibility to bring your tools together, whether it's with integrations that are built-in, pre-packaged, or custom.
- ServiceNow: The ServiceNow module in Threat Response enables ServiceNow to be a data source when the analyst starts an investigation in the Threat Response UI or via the API. This enables the analyst to query ServiceNow for historical context from previous incidents that involved a given observable.
- Splunk: The Threat Response Add-On for Splunk provides a custom search command allowing users to query Cisco Threat Response for targets and verdicts from observables within a Splunk instance.
- Radware DDoS: Radware's cloud security services are integrated with Cisco SecureX to provide organizations with an integrated security portfolio that unifies visibility, accelerates response times, and strengthens the security posture of your network, applications, and cloud environments.