APIVoid Integration

APIVoid provides JSON APIs useful for cyber threat analysis, threat detection and threat prevention, reducing and automating the manual work of security analysts. With our APIs you can identify malicious IP addresses, get reputation of a website, get SSL certificate details, perform DNS records lookups and much more. Each API service has also a simple web interface that allows you to utilize the APIs from your web browser.

  1. In the Cisco XDR navigation menu, choose Administration > Integrations.

  2. On the Integrations page, click the Third-Party tab and navigate to the APIVoid integration.

  3. Click the plus sign (+) in the lower-right corner of the tile. The APIVoid integration page is displayed.

  4. Expand the Integration Guide area and follow the instructions on how to add the APIVoid integration in Cisco XDR.

You can perform the following tasks after you integrate APIVoid with Cisco XDR:

  • Investigations - Start a new investigation into any combination of IP addresses and domains and the results will include any records of them found in your APIVoid. To verify that this integration is working, and to see what kind of data is returned, investigate one of more observables about which you know APIVoid has recent information. For details, see Investigate.