HYAS PROTECT API INTEGRATION
Integrations that accelerate customer value
HYAS Protect API services provide scalable and flexible management of and access to HYAS Protect. HYAS Protect changes the security paradigm through a focus on adversary infrastructure and preempting attacks by blocking malicious domains.
This provides an onramp to identify and manage potentially malicious domains used in malware, ransomware, and phishing attacks. You are able to manage HYAS Protect services and benefit from:
- A vast repository of new malware detonated daily
- Trillions of data points on adversary infrastructure
- Innovations from multiple industry-leading machine learning teams
- Cloud native for scalability, availability, and deployability
The HYAS Protect API provides two types of services
- HYAS Protect configuration and management (example: adding or modifying a custom domain block list).
- HYAS Protect “Verdict” services to integrate with existing enterprise security infrastructure. Verdict services return a risk score (permitted, suspicious, malicious) for domains or IP addresses that are provided, as well as the rationale behind the verdict.
HYAS Protect API Format
Type: HYAS Protect provides a RESTful API that uses JSON.
Authentication
Authentication is performed using X-API-Key header with provided PSK API key on each request. It is important that customers protect their API credentials. Prices correspond to queries authenticated with your key, even if you later determine the requests were fraudulent. Please contact customer support if you need to revoke/reissue an API key.
Data Topics
Data list services can be used to adjust Protect verdicts. Customers are allowed to provide of the following types.
- Domain names
- FQDNs
- IP addresses
- IP CIDRs
- Nameservers
- Registrars
Both allow lists and deny lists are supported.
Lists can be managed locally or remotely. A remote list is essentially a feed and requires a URL and configuration of an update interval.
Verdict services are used for integration purposes. By specifying an FQDN, domain name, or IP address, a request can be made for a verdict. The returned verdict indicates whether to allow or block communication to that infrastructure. Verdicts also provide rationale(supporting data) regarding why HYAS rated that particular infrastructure with the specific result.