It’s easy to be overwhelmed by the quantity of three-letter acronyms when you’re working with software and technology, but there’s three letters that are becoming increasingly more important in the world of software: API.
“Application Programming Interface” sounds like it’s going to be an ominously complicated topic, but it’s a term you should watch out for when you’re evaluating what technology toolset you implement, as having an API opens up a wide range of opportunities for expanding and integrating your information sources.
Perhaps the simplest description of an API is a method of data access (the list of vulnerabilities detected on your infrastructure, for example) or functionality (the tasks you use to carry out scans of your network) using scripts or software.
With a good API, you can automate many day-to-day tasks and reduce the amount of manual effort required to analyze data as well as let two different products interact together, granting you better insight into the relationships between one data point and another.
Tripwire’s product suite fortunately has a number of APIs you can use.
Tripwire Enterprise has a powerful API command set that you can leverage in your business-as-usual workflows to check for changes, manage promotion, and extract data to use with your other tools.
Tripwire IP360 similarly offers a robust API to help you do more with your vulnerability data. For example, rather than having a vulnerability score relating to detected vulnerabilities on a system in isolation, you can automatically extract the score and put it alongside other technical information in your environment such as when the machine was last backed up or when it was last patched to help drive your decision on what to prioritize on when planning upgrades.
Adding a full awareness of what’s going on in the rest of your (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Chris Hudson. Read the original post at: https://www.tripwire.com/state-of-security/risk-based-security-for-executives/connecting-security-to-the-business/stop-working-in-silos-integrating-with-apis/