Connect and Use Your OT Cybersecurity Insights with APIs
Updated API and sample scripts for Cisco Cyber Vision
Attention developers! I have very good news for you. Since the latest version update to 4.0, Cisco Cyber Vision became even more developer friendly introducing an updated API and an updated sample script collection. Before going into details, let’s talk a bit about this industrial cybersecurity software.
You have no overview of what devices are currently connected in your industrial network? Or, do you need to detect abnormal behaviors or malfunctions which are happening between your industrial components? If so, then Cisco Cyber Vision will help you. You can read more about it in my previous blog, “Secure Your Industrial Control Systems – Simplifying IoT Security.”
Here is an overview of the brand-new content:
Updated learning labs & sandbox
Do you want a “playground” to test the Cyber Vision 4.0 APIs which is ready within minutes? Are you new to Cyber Vision and doesn’t know where to start? No worries, we got you covered! You can now reserve a Cyber Vision 4.0 instance which includes already some testing data for you to try out. Furthermore, there are 2 new learning labs which will get you started with the latest Cyber Vision version and even how you can use Python to get more out of the collected industrial cybersecurity data.
Cisco Cyber Vision Sandbox features sample data as seen here in the map view
All-new Cyber Vision API Postman Collection
Do you love Postman as we do? And maybe the swagger UI is too basic for your needs? Then we have another good news: Cyber Vision 4.0 features a Postman collection. You don’t need to copy & paste various API URLs, just insert the Cyber Vision Center IP address and your API token once and do any API calls by simple mouse clicks.
Using the Cisco Cyber Vision Center APIv3 Postman Collection
3x all-new Cyber Vision Sample Script Collections
Do you need some code examples to start with? Or even use them in your own environment? We just released 3 different Cyber Vision sample script collections for you to use and get started:
– Cisco Cyber Vision API Sample Scripts
This repository includes a couple of general Python scripts for Cyber Vision 4.0. For example, exporting data to CSV files, exporting flows, managing groups etc.
– Cybervision Security and Automated Components Grouping
This Python application can be already used out of the box and is split into 2 tasks:
- Task 1. It retrieves domains/public IPs from cyber vision and checks them against Cisco Umbrella (or integrated 3rd party platform) to get their reputation. For any malicious domain or IP detected, an event is pushed to Cyber Vision dashboard to notify the user.
- Task 2. It auto-groups components. A group here is a logical collection of components that share certain characteristic. When Cisco Cyber Vision is deployed in an environment, it detects the components connected. To reduce the manual work of grouping components, this applications automatically groups ungrouped components according to vendor. A further development of the project could also automatically group components by subnet or tags.
– Cyber Vision Sensor Management with Ansible
Ansible is an open-source software provisioning, configuration management, and application-deployment tool. With these pre-configured Ansible configuration files you can deploy the Cyber Vision sensor application to multiple Cisco Devices (e.g. Cat9000, IR1101, IE3400 etc.) automatically at once.
I am pretty sure you will like our new content for Cyber Vision! Let us know what you like or wish to see in the future! You can leave me a question or comment in the Comments section below.
We’d love to hear what you think. Ask a question or leave a comment below.
And stay connected with Cisco DevNet on social!
LinkedIn | Twitter @CiscoDevNet | Facebook | Developer Video Channel
Share: