CybelAngel

the cybelangel connector enables seamless integration with cybelangel's services, providing tools for digital risk management and threat intelligence directly within the swimlane ecosystem cybelangel is a digital risk protection platform that specializes in scanning the web to identify, analyze, and manage external threats to an organization's digital assets the cybelangel connector for swimlane turbine enables users to automate the retrieval of access tokens, fetch the latest incident reports within a specified date range, and update the status of incident reports directly within the swimlane platform by integrating with cybelangel, swimlane turbine users can enhance their security posture with streamlined incident management and proactive digital risk monitoring, reducing the time to respond to threats and mitigating potential damage prerequisites to effectively utilize the cybelangel connector within swimlane turbine, ensure you have the following http bearer token authentication with these parameters url endpoint for cybelangel api access token bearer token for authenticating api requests oauth 2 0 client credentials with these parameters url endpoint for cybelangel api access client id unique identifier for the oauth client client secret secret key associated with the oauth client token url url to retrieve the oauth2 access token audience the intended audience for the token, typically the api base url asset configuration the cybelangel connector requires an http bearer token api docs https //developers cybelangel com/docs/cybelangel platform api/509d2370afd30 get reports v2 https //developers cybelangel com/docs/cybelangel platform api/zg9joji1nju4ndq2 retrieve the last incident reports configurations http bearer authentication authenticates using bearer token configuration parameters parameter description type required url a url to the target host string required token the api token string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional oauth 2 0 client credentials authenticates using oauth 2 0 client credentials configuration parameters parameter description type required url a url to the target host string required token url string required client id the client id string required client secret the client secret string required audience the audience for the token request string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions get token retrieves a cybelangel oauth2 access token and its expiry time, serving as the initial step in workflows requiring authentication output parameter type description access token string the oauth2 bearer token to pass to subsequent actions expires at string iso 8601 timestamp indicating when the token expires ( 1 hour from creation) pass this alongside access token to each action output example {"access token" "string","expires at" "string"} retrieve last incident reports fetches the latest incident reports from cybelangel within a specified date range, requiring 'start date' and 'end date' parameters input argument name type required description access token string optional optional a pre fetched oauth2 bearer token from the get token action if provided and not expired, it will be reused instead of fetching a new token expires at string optional optional the expiry timestamp of the access token (iso 8601) required when access token is provided parameters start date string required parameters for the retrieve last incident reports action parameters end date string required parameters for the retrieve last incident reports action input example {"parameters" {"start date" "2021 10 22t02 46 14 195826","end date" "2021 10 22t03 30 14 195826"}} output parameter type description id string unique identifier report content string response content url string url endpoint for the request abstract string output field abstract category string output field category created at string output field created at detected at string output field detected at updated at string output field updated at incident id string unique identifier incident type string unique identifier investigation id string unique identifier ip string output field ip keywords array output field keywords keywords name string name of the resource attachments array output field attachments attachments file name string name of the resource attachments file string output field attachments file liveness object output field liveness liveness online boolean output field liveness online liveness last checked at string output field liveness last checked at origins array output field origins origins type string type of the resource origins value string value for the parameter port object output field port registrant email string output field registrant email output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"id" "31b023bc a213 4ede 9cee c8896381840f","report content" "### \n cve\n\n\n### \n 3/4 major\n\n\n#### \n incident report t8xr4h\n\n\n#### 2021/09/22\n ","url" "https //platform cybelangel com/#/reports/31b023bc a213 4ede 9cee c8896381840f","abstract" "our service detected an open web server with a banner matching one of your keywo ","category" "","created at" "2021 09 22t02 46 14 195826","detected at" "2021 09 22t02 50 update report status updates a specific incident report's status in cybelangel using the provided report id and status value endpoint url api/v1/reports/{{report id}}/status method put input argument name type required description access token string optional optional a pre fetched oauth2 bearer token from the get token action if provided and not expired, it will be reused instead of fetching a new token expires at string optional optional the expiry timestamp of the access token (iso 8601) required when access token is provided path parameters report id string required the unique identifier of the report to update status string optional the new status for the report input example {"json body" {"status" "in progress"},"path parameters" {"report id" "31b023bc a213 4ede 9cee c8896381840f"}} output parameter type description result string result of the operation id string unique identifier status string status value output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"result" "updated","id" "670e7227 74c9 4579 b6e3 f91ad0169a08","status" "draft"}} response headers header description example content type the media type of the resource application/json date the date and time at which the message was originated thu, 01 jan 2024 00 00 00 gmt