Mike Jones, Director of Product Management, Agari
What does API mean to you? Freedom from web UIs? Ability to manipulate data to your needs? Integration with internal tools? Something my technical people ask for, but it's all big data magic to me? Depending on your role or needs, any of these could be true. At Agari, we strive to have a flexible and powerful web interface to allow you to understand your data and guide you along a path to protecting your brand in email. But as with any product, features and functionality are prioritized across the needs of our customer base. Sometimes you have specific needs for customization or integrations not currently supported. This is where our growing API functionality comes in.
Do you have a domain that sends extremely high mail volumes or large spikes of email periodically, such that the automated alert thresholds are triggered more often than you would like? Retrieve the alerts via our Alert Event API and feed them to your Splunk instance or other SIEM to correlate with other events or set customized rules on the lower bound of the alert.
Do you want to keep Failure Samples that represent potential threats longer for investigations? But you don't need the entire set of sample data (i.e. you don't want to keep all of the failures from your internal infrastructure around). Use the Failure Samples API to get a filtered set of samples and keep them in your internal data store that you use for threat investigations.
Do you already have your Threat Feed emailed to a takedown vendor, but you want to incorporate the URLs directly into your Splunk instance or other SIEM to correlate with other data? Use the Threat Feed API to access the URLs.
Our API allows you to access Alert Events (Threat Spike Alerts, Authentication Failure Spike Alerts, Infrastructure Alert, DMARC & SPF Record Change Alerts, and Brand Spoofing Alerts if you are a Respond customer), Failure Samples, and Threat Feeds. To learn more about Agari's API visit our interactive documentation and try it out at https://my.agari.com/v1/docs.
Are you already using Agari's API for your own use case? Is there something you are interested in using Agari's API for but haven't tried it out yet? In either case, tell us about it! We might be able to help you get started or even write some sample code for others based on your experience.