Cloud Resource Context Enrichment provides resources with cloud attributes and context from various features within InsightCloudSec. Cloud Resource Context Enrichment empowers security investigation teams to conduct thorough analyses of threat finding events in their SIEM/XDR platforms. The API serves as a centralized data source, collecting comprehensive information about each resource based on the following contexts:
- Harvested cloud attributes (Cloud properties, tags etc.)
- Risk data (associated vulnerabilities, misconfigurations, IAM insights etc.)
- Permissions (LPA - Least Privileges Access) context
- ATA data (relationships)
- Application context
Using the API Documentation
This API documentation is currently offered “as-is” and as such we want to provide the following recommendations:
If you are not familiar with our API, or are working with these capabilities for the first time, we strongly recommend that you coordinate with your CSM or our support team.
We make this recommendation because some use cases may require additional clarification and we are here to help. Working with us directly will ensure that you are able to use our API effectively for whatever goals you have.
As part of our commitment to a great customer experience we are actively working on productizing our API. This includes outlining a hardened and repeatable standard for future endpoints and identifying common/high-impact use cases for verification and possibly revision/versioning.
Also, where possible, there are example requests and responses for the documented endpoints. These are available in the "EXAMPLES" drop-down menus within the "REQUEST" and "RESPONSE" sections on the right-hand side of an endpoint page. You can also check out some high-level Getting Started information here.
If you have questions or concerns regarding the content here, or need support using our API reach out to us through the Customer Support Portal.