By Daniel Ashual | November 18, 2020

 

This post is part of our Feature Spotlight series, which dives into specific features and capabilities of The Claroty Platform. You can find more posts like this in the Feature Spotlight section of the Claroty Blog.

As enterprises race faster and faster towards digital transformation goals, the ways in which data is utilized in the search for increased efficiencies are expanding rapidly. This is especially true when it comes to integration among network security and workflow tools. Traditionally complicated API documentation, where supported calls are unclear and implementation procedures require specialized skills, can significantly hinder the integration process and be cumbersome on organizations that require quick and efficient ways of utilizing data feeds.

To this end, an API Explorer has been added to Claroty Continuous Threat Detection (CTD). Built on the Swagger framework, this new feature allows users to authenticate and view all supported API calls and includes automated documentation, code generation, and test-case creation. The API Explorer empowers users to harness the vast amount of network information provided by CTD to build custom feeds like asset reports, alert feeds, and system status reports outside of the Claroty environment. Aside from providing customized ways to use information, the API Explorer allows security teams to reduce the number of tools they are required to interact with by feeding information into existing solutions.

Why Use Swagger?

Swagger is an Interface Description Language that is used to describe RESTful APIs with three main use cases: to develop, interact with, and document APIs. Swagger automatically parses supported API calls from Claroty CTD when the system is deployed, taking the information and placing it into an organized, clearly labelled hierarchy. This information is displayed directly within the API Explorer page within CTD.

 

Accessing the Claroty API Explorer from the CTD interface.

This means that API developers are no longer forced to scroll through complicated API documentation to search for supported calls in their environment. By simplifying this process users are able to more easily and efficiently utilize the data obtained through API calls for their specific needs.

As stated above, the information obtained through API calls supports a number of use cases that are becoming more essential to enterprises as digital transformation efforts expand. These use cases include building customized automation workflows and reports that can benefit users across the organization. From a deployment perspective, the API Explorer within CTD is also available through Claroty’s Enterprise Management Console (EMC), meaning that API calls are supported globally as well as by site.

Here are a few ways specific functions can benefit from the use of custom API calls via the API Explorer within CTD:

  • SOC Analyst: By implementing API calls, enterprise SOC Analysts can gather all OT alerts in the network and forward them to an existing project management or communication platform. These alerts can be further investigated, resolved, and archived from these 3rd party systems according to the organization’s standard operating procedure without ever connecting directly to The Claroty Platform.
  • OT Technician: Using the API Explorer, OT Technicians are able to fetch the OT asset inventory from CTD and automatically update the CMDB or create custom asset reports based on their specific needs. For example, a technician can automate a report on high-risk PLCs to check for any open alerts on the devices.
  • Deployment Engineer: As OT networks are filled with devices of widely varying ages and vendors, API calls can be used to check the status of assets on the network. For example, engineers can gather data from the EMC on specific-brand assets from all sites within the network to manage license updates, installations, or preventative maintenance schedules.

In short, the API Explorer eliminates cumbersome support documentation and implementation instructions and provides users with the ability to use API calls in a simple, well-documented, and fully customizable way.

To learn more about the limitless ways in which the API Explorer can be used, or to check out the rest of what The Claroty Platform has to offer, request a demo.