Solving the API Puzzle the Right Way (Hint: Don’t Be Janky)

When it comes to optimizing your security solution, APIs (Application Programming Interfaces) are very likely to become your new BFF. You can rely on APIs to essentially supercharge your existing platform; in doing so, you’ll increase your ROI.

The API ecosystem is vast, as are the many ways APIs are used in the security space. This is thanks in part to cloud platforms and services encouraging integration of all things. It extends from enabling more robust security information and event management (SIEM) capabilities for upleveling those risk-based alerts, to integrating disparate and shallow data pools into plunge-worthy data lakes leveraging platforms like Splunk, to collecting and automating threat responses via SOAR (security orchestration, automation and response) platforms, and to integrating security platforms with configuration management databases (CMDBs) or ticketing systems like ServiceNow. 

It’s worth the effort to explore what APIs can mean to your Customer Experience (CX). But do it right and don’t take shortcuts (in other words, don’t be janky with this). Be sure to go about it in an organized way to get the most from the experience. This isn’t something you want to throw together when dealing with mission-critical processes. 

• Start with a good understanding of what you want to accomplish by looking at areas where your security workflows could use some judicious streamlining. 
• Make life easy on yourself by opting for API use cases that have already been written and vetted by the vendor. And don’t worry if it’s not quite the perfect fit; these existing use cases can be modified to fit your specific needs, and your vendor should help you with that. At Kenna Security, our customers frequently suggest new API use cases via our Kenna Defenders user community, and/or find new, innovative ways to leverage Kenna’s APIs via their internal teams.  So if your need isn’t entirely unique to your business, there’s a good chance someone has already found a way to make it happen using the API.
• Finally, make sure your API implementations are rock solid and secure. Because in the security space, shortcuts get you into trouble, and this is no place to settle for “good enough.” (A 2019 report showed API calls accounted for more than 80% of all web traffic, making them a prime target for bad guys.) Look for platforms that incorporate REST architectures secured with strong authentication and access methods, such as API keys, OAuth authentication or JSON (Javascript object notation) tokens. 

While API use cases abound, three are among the most popular: automating tasks, integrating and enchricing data, as well as generating reports. These API use cases have arisen from customer requests or scripting contributions. (This type of collaborative problem solving is something customer-focused security vendors should strive to implement.) Here’s a look at each.

Automating tasks to save time and sanity

Whenever you do something often enough, you’re likely to want to do it faster. Sometimes, it’s just a matter of certain tasks requiring too many clicks through the user interface (UI). 

One Kenna customer, a global hotel franchise, utilized an API to automatically create Kenna Risk Meters when new asset types are detected and tagged. The API allows the company to immediately assess the relative risk posed by the newly discovered asset category, wherever those assets reside.

An API like this can have far-reaching benefits for a large enterprise. For instance, Security professionals in various divisions can see that these meters are spinning up and benefit from them without having to actively engage in the API process themselves. In the hotel business, this could help franchise operators keep track of and follow the parent company’s Security best practices. This creates a self-service environment for Security and IT as they work to reduce the company’s risk posture.

Integrating and/or enriching data for a 360-degree view of your security posture

Siloed data is helpful to no one. This is particularly true for crucial Security information, such as vital threat and vulnerability intel that can help inform your remediation strategy.  

Increasingly, we’re seeing organizations move to integrate the whole of their vulnerability information into centralized data lakes, often using a massive Splunk log and a standardized set of tools. One financial services firm uses our Kenna.VI+ API to bring all the latest CVE (Common Vulnerabilities and Exposures) data into a comprehensive data lake for consolidation and subsequent parsing, in the process creating a one-stop-shop for vulnerability information. 

Other companies use our API to bring data into Kenna.VM, which they then use as their central repository for all their vital security information. One such customer, a $1 billion U.S.-based software company, regularly pulls in data from multiple sources via pre-built connectors to third-party products. But for data sources that don’t have a connector, they use the API to create a comprehensive view of their entire security environment, accessible within their vulnerability management platform.

Whatever tool you use, you should have a platform whose API gives you access to the tool’s most valuable data. It’s that simple.

Custom reporting for non-Security audiences

Your executives and board members probably don’t need or even want to see all the metrics and KPIs you use to do your job. They’re interested in progress, and from my experience that means whatever you’re doing to successfully reduce risk to the business.  

So executive reporting tends to require custom report formats. And if your security solution’s UI doesn’t have built-in support for all the reporting formats you want, you’re going to be busy. An API can help.

We’re seeing this in a variety of customers, including a large insurance firm that uses our API to pull data from Kenna.VM for executive reporting. The API simplifies the workflow needed to build custom reports in external tools like Tableau.  And guess what? Execs are happy. Security’s happy. Everybody’s happy. A helpful API once again makes the world a better place.

Got API questions? We got a guy

If you’re interested in exploring what various APIs can do for you, I encourage you to tap our own in-house expert, Rick Ehrhart, known to this blog as The API Guy. His monthly blog offers all kinds of how-to tips and best practices you can reference to optimize your own use of Kenna solutions. Rick also provides useful code examples on GitHub, for those who want to see what’s under the hood.

Have specific questions or are interested in your own integrations? Email us at api@kennasecurity.com 

Your API use case may be unique, or it might be just the thing to help other enterprises like yours. But one thing I’m sure of by leveraging Kenna’s APIs the right way: It won’t be janky.