CTM360 CyberBlindSpot

the ctm360 cyberblindspot connector integrates with swimlane turbine to allow for automated actions using the ctm360 cyberblindspot apis prerequisites this connector requires the following input parameters to authenticate url api key capabilities this connector provides the following capabilities close incident incident request takedown list incident configurations api key authentication authenticates using an api key configuration parameters parameter description type required url a url to the target host string required api key api key string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions close incident close a cbs incident endpoint url /api/v2/incidents/close incident method post input argument name type required description ticketid string optional unique identifier input example {"json body" {"ticketid" "comx41148897294"}} output parameter type description status code number http status code of the response reason string response reason phrase statuscode number status value success boolean whether the operation was successful message string response message output example {"status code" 200,"response headers" {"content type" "application/json; charset=utf 8","content length" "81","connection" "keep alive","date" "wed, 03 apr 2024 06 30 55 gmt","server" "nginx","vary" "origin","access control allow credentials" "true","etag" "w/\\"51 awox9vbgknj2dj2bqic/jdmp5dg\\"","x cache" "error from cloudfront","via" "1 1 719a8a3051824d9bf82ea46b74aff862 cloudfront net (cloudfront)","x amz cf pop" "bom78 p4","x amz cf id" "kjvsm yq3eq9kdinpe0mo4xqavombz8hat76spytqz5f4hic2gaamg== incident request takedown request a takedown of the asset where the incident was found endpoint url /api/v2/incidents/request takedown method post input argument name type required description ticketid string optional unique identifier input example {"json body" {"ticketid" "comx415993788418"}} output parameter type description status code number http status code of the response reason string response reason phrase statuscode number status value success boolean whether the operation was successful message string response message output example {"status code" 200,"response headers" {"content type" "application/json; charset=utf 8","content length" "81","connection" "keep alive","date" "tue, 02 apr 2024 10 46 04 gmt","server" "nginx","vary" "origin","access control allow credentials" "true","etag" "w/\\"51 awox9vbgknj2dj2bqic/jdmp5dg\\"","x cache" "error from cloudfront","via" "1 1 42a0bfce97a174e5c6d2b115346fb472 cloudfront net (cloudfront)","x amz cf pop" "hyd50 c2","x amz cf id" "ceaxu8ehhoapmforcss4t zdkpzjcfakty6nz2zacnspx9ihyzmcig== list incident get the list of incidents from cbs endpoint url /api/v2/incidents method get input argument name type required description parameters datefrom string optional parameters for the list incident action parameters dateto string optional parameters for the list incident action parameters maxhits number optional parameters for the list incident action parameters order string optional parameters for the list incident action input example {"parameters" {"datefrom" "23 10 2023 07 00","dateto" "23 10 2023 23 00","maxhits" 2,"order" "asc"}} output parameter type description status code number http status code of the response reason string response reason phrase statuscode number status value success boolean whether the operation was successful message string response message incident list array unique identifier incident list id string unique identifier incident list subject string unique identifier incident list severity string unique identifier incident list type string unique identifier incident list class string unique identifier incident list status string unique identifier incident list coa string unique identifier incident list remarks string unique identifier incident list created date string unique identifier incident list updated date string unique identifier incident list brand string unique identifier incident list timestamp number unique identifier count number count value output example {"status code" 200,"response headers" {"content type" "application/json; charset=utf 8","content length" "2871467","connection" "keep alive","date" "tue, 02 apr 2024 11 11 49 gmt","server" "nginx","vary" "origin","access control allow credentials" "true","etag" "w/\\"2bd0ab foqlqmlu7kr3bqpp/d80n0i/hpu\\"","x cache" "miss from cloudfront","via" "1 1 c3c13380d1c5bf8586d7fd3d4dbe9502 cloudfront net (cloudfront)","x amz cf pop" "hyd50 c2","x amz cf id" "sbywlgqdkcgdnpnhykdgax2fhdpajvulr9iqkq7ejxswsit2 response headers header description example access control allow credentials http response header access control allow credentials true connection http response header connection keep alive content length the length of the response body in bytes 2871467 content type the media type of the resource application/json; charset=utf 8 date the date and time at which the message was originated tue, 02 apr 2024 10 46 04 gmt etag an identifier for a specific version of a resource w/"51 awox9vbgknj2dj2bqic/jdmp5dg" server information about the software used by the origin server nginx vary http response header vary origin via http response header via 1 1 719a8a3051824d9bf82ea46b74aff862 cloudfront net (cloudfront) x amz cf id http response header x amz cf id sbywlgqdkcgdnpnhykdgax2fhdpajvulr9iqkq7ejxswsit2tz pfw== x amz cf pop http response header x amz cf pop hyd50 c2 x cache http response header x cache miss from cloudfront