Automating Cisco Endpoint Security Solutions Using APIs

Inserting security appliances into your enterprise network is necessary but not sufficient. This course will teach you how to programmatically manage Cisco AMP, ThreatGrid, and Umbrella to provide next-generation protection for endpoints.
Course info
Level
Intermediate
Updated
Jul 20, 2020
Duration
1h 39m
Description

Endpoint security is often overlooked or deferred in the context of enterprise security due to challenges with scalable management. Leveraging automation can greatly simplify endpoint security operations. In this course, Automating Cisco Endpoint Security Solutions Using APIs, you'll explore Cisco's flagship anti-malware product, Advanced Malware Protection (AMP) for endpoints, and interact with it using a robust REST API. Next, you'll discover how to improve the effectiveness of AMP by tying it into ThreatGrid, a detonation chamber for suspected malware, again using the REST API. Finally, you'll learn how to protect roaming users from Internet attacks using Cisco Umbrella, a cloud-hosted, DNS-based security service. Specifically, we'll focus on the Umbrella Reporting, Enforcement, and Investigate APIs. When you're finished with this course, you'll have the endpoint security management skills and knowledge to operate and maintain modern solutions at scale using automation.

About the author

Nick Russo, CCDE #20160041 and CCIE #42518, is your go-to guy for all things networking and automation. Nick loves training online and speaking at industry conferences, sharing his expertise.

Section Introduction Transcripts

Course Overview
Hi, everyone. My name is Nick Russo, and welcome to my course titled Automating Cisco Endpoint Security Products Using APIs. As security attacks become more sophisticated and more damaging, businesses need to secure every computer in their organization. This course focuses on programmatically managing these endpoint solutions. Specifically, we'll cover three Cisco products, Advanced Malware Protection, or AMP, for detecting and removing suspected malware; Threat Grid, a malware sandbox for detailed analysis in a secure environment; and Umbrella, a DNS‑based security system to protect against various attacks. After completing this course, you'll know how to design, operate, and maintain various automation scripts to help you manage these solutions in production. Before beginning this course, I'd recommend the following prerequisite courses. These first three courses provide the foundation of software development and programmability skills that are extended in this course. The content around Cisco product APIs will be especially helpful. I'm assuming you already have a strong background in Python programming. These last two courses provide useful context and Python examples in both enterprise and security environments, which is helpful in understanding endpoint security automation. I hope you'll join me on this journey to improve your automation skills with Cisco AMP, Threat Grid, and Umbrella, at Pluralsight.