when R8x REST API expanded to include URLF blade?

Garrett_DirSec — Thu, 31 Aug 2017 17:49:27 GMT

Hello -- This is topic frequently raised with local CP engineering team, but I figured I would push to larger audience.

As of CP REST API v1.1, there is only small support for AppCtl blade.

Any ideas when (if) the CP REST API will ever support URLF blade?

We would love to displace Websense (Forcepoint) in couple accounts and are limited by fact there's no CP API options to interact with URLF blade.

example: customer has customer developed internal self-help user awareness web site for checking web sites provided in email. customer has more than 5k users. If someone receives email from someone they don't know and includes a "click here" link, users are educated enough to right-click, copy, and paste into form on their self-help web site.

The web page queries the Websense (Forcepoint) filter service and establishes category, threat level (if any), and whether user would be able to access (based on their username + IP + policy).

Yes, CP has various protections to guard against phishing URL links (example: sandblast for browsers), but this requires completely new product purchase (vs just enabling URLF blade on gateways) and educating end-users on different procedure.

Thus, we are hoping that CP R8x REST API will be expanded for programmatic interaction with URLF blade functions.

examples:

query URLF blade for classification

query URLF blade for action if user accesses URL provided

check URL reputation (if possible as this is stored in antibot).

thanks -GA

Re: when R8x REST API expanded to include URLF blade?

PhoneBoy — Fri, 01 Sep 2017 17:19:39 GMT

Basically what you're asking for is to expose an API similar to what we've done for SandBlast API‌ (i.e. for other parts of ThreatCloud).

It's a good suggestion.

topic Re: when R8x REST API expanded to include URLF blade? in API / CLI Discussion

when R8x REST API expanded to include URLF blade?

Re: when R8x REST API expanded to include URLF blade?