Inserting security appliances into your enterprise network is necessary but not sufficient. This course will teach you how to programmatically manage Cisco AMP, Threat Grid, and Umbrella to provide next-generation protection for endpoints.
Endpoint security is often overlooked or deferred in the context of enterprise security due to challenges with scalable management. Leveraging automation can greatly simplify endpoint security operations. In this course, Automating Cisco Endpoint Security Solutions Using APIs, you'll explore Cisco's flagship anti-malware product, Advanced Malware Protection (AMP) for endpoints, and interact with it using a robust REST API. Next, you'll discover how to improve the effectiveness of AMP by tying it into Threat Grid, a detonation chamber for suspected malware, again using the REST API. Finally, you'll learn how to protect roaming users from Internet attacks using Cisco Umbrella, a cloud-hosted, DNS-based security service. Specifically, we'll focus on the Umbrella Reporting, Enforcement, and Investigate APIs. When you're finished with this course, you'll have the endpoint security management skills and knowledge to operate and maintain modern solutions at scale using automation.
Course Overview

Hi, everyone. My name is Nick Russo, and welcome to my course titled Automating Cisco Endpoint Security Products Using APIs. As security attacks become more sophisticated and more damaging, businesses need to secure every computer in their organization. This course focuses on programmatically managing these endpoint solutions. Specifically, we'll cover three Cisco products, Advanced Malware Protection, or AMP, for detecting and removing suspected malware; Threat Grid, a malware sandbox for detailed analysis in a secure environment; and Umbrella, a DNS-based security system to protect against various attacks. After completing this course, you'll know how to design, operate, and maintain various automation scripts to help you manage these solutions in production. Before beginning this course, I'd recommend the following prerequisite courses. These first three courses provide the foundation of software development and programmability skills that are extended in this course. The content around Cisco product APIs will be especially helpful. I'm assuming you already have a strong background in Python programming. These last two courses provide useful context and Python examples in both enterprise and security environments, which is helpful in understanding endpoint security automation. I hope you'll join me on this journey to improve your automation skills with Cisco AMP, Threat Grid, and Umbrella, at Pluralsight.