The Umbrella User Guide Developer Hub

Welcome to the Umbrella User Guide developer hub. You'll find comprehensive guides and documentation to help you start working with Umbrella User Guide as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Third-party Security Integrations

The Integrations section of the Security Settings page lists various third-party security products—including Cisco AMP Threat Grid—that have been integrated into Umbrella. Umbrella supports third-party integrations through apps, network devices, and the Umbrella Enforcement API. The Umbrella Enforcement API is a REST API that enables threat intelligence and security information event platforms to programmatically register domain and security events.

Once integrated into Umbrella, these products build their own custom destination block list of discovered malicious domains. These integrations can be selected in a policy, just like any other security category, so that any matches against their special destination block lists are prohibited. Umbrella supports logging and reports of the traffic from the integrated networks.

In the following integration example, an organization uses Umbrella and Investigate alongside their own security information event management system, and leverages the Umbrella APIs to create a full feedback loop.

For more information about integrations, see IT Security Integrations and APIs.

Web Security Categories < Third-party Security Integrations > Set Up Custom Integrations

Updated about a year ago

Third-party Security Integrations

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.