National Cyber Warfare Foundation (NCWF) Forums


Demystifying Duo APIs: Advanced Security with Duo Integrations


2023-08-25 12:24:24
milo
Blue Team (CND)

Dive into advanced security with Cisco Duo APIs. Explore partner integrations, versatile applications, and industry use cases.

At Cisco Duo, our primary objective is to prevent unauthorized access with a modern and user-friendly access management solution. Security is paramount to organizations of all sizes, and we are committed to providing secure and streamlined access for the workforce regardless of location, whether they are at home, in the office or on the road.


In today’s rapidly evolving technological landscape, the importance of robust security measures cannot be overstated. That’s where Duo APIs come into play as a powerful tool, empowering you with resilient security controls for your applications. In this blog post, we’ll delve deeper into the potential and versatility of Duo APIs, their applications across industries, and how they can elevate your security posture to new heights.


Cisco Duo’s Director of Product Management, Boat Agboatwalla, shares insights into Duo Security APIs and their versatile use cases across industries.



Secure and manage your applications, users, policies, and devices with Duo API


Duo’s developer-centric approach, comprehensive documentation, SDKs, OpenAPI specifications (coming soon!), testing environment, and support resources make it easy for developers to integrate Duo’s security solutions into their zero trust architecture.


Auth API: This is a widely used API that enables you to add strong two-factor authentication to the authentication flow of your applications. Soon, you’ll also be able to add Duo’s secure Verified Duo Push functionality through the Auth API, which mitigates MFA fatigue attacks (to request access to our private preview of Verified Duo Push through the Auth API please contact us at [email protected]).


Web SDK: The Web SDK is the fastest way for developers to enable strong multi-factor authentication via Universal Prompt in their custom website or application utilizing an OIDC-compliant authentication protocol. The Web SDK is available in Python, Java, Go, PHP, Node.js, and C#(.NET).


Admin API: This API lets developers integrate and manage a wide range of administrative functions, including managing users, devices, admins, policies, and integrations, as well as programmatically reading authentication, administration, and telephony logs.


OIDC Auth API: This is an OpenID Connect (OIDC) compliant authentication protocol to add strong two-factor authentication to your web applications. The OIDC Auth API also supports Duo Universal Prompt. Adding Duo using the OIDC API requires custom development and some understanding of your application’s language and authentication process.


Device API: Duo’s Trusted Endpoints feature adds a layer of security by ensuring that only known and registered, or corporate managed devices can access Duo protected applications and resources. This API is for Trusted Endpoints policy which uses Duo Device Health App to establish trust.


By providing the necessary tools and support, Duo empowers developers to efficiently incorporate Duo’s powerful authentication and access management capabilities into their solutions.


Unveiling Unique API Use Cases and the Enormous Benefits of Building and Utilizing Duo APIs Together


With an extensive network of over 250 partners, Duo boasts a robust ecosystem of integrations using Duo APIs with popular applications, identity providers, and security technologies.


BioConnect: BioConnect uses the Auth API endpoint and REST API to enable ‘Duo at the Door’. This means that the integration of Link Solution with Duo’s MFA protects access to physical spaces such as facility doors, data centers, MDF & IDF closets, or small space enclosures such as narcotic safes and key cabinets. BioConnect Link allows you to retrofit your existing access control readers or upgrade your mechanical locks with a small IoT device that installs like a network appliance. It leverages a cloud-based software platform to add Cisco’s Duo MFA to physical access points and to future-proof your organization with remote updates, security monitoring and flexible Multi-Factor Authentication, including one-time access authorization with time-based passcodes for critical spaces.



Blumira: Blumira’s SIEM and XDR platform analyzes and identifies threats early using data from different sources, including authentication providers, such as Duo. IT admins can set up Blumira’s Cloud Connectors using Duo Admin API credentials in minutes to start collecting logs and automatically apply detection rules. Blumira’s platform notifies users of risky and suspicious activity like Duo user account lockouts, fraudulent Duo user reports, unusually high number of MFA requests, user authentication MFA bypass, and users set to bypass status. With every finding, Blumira also provides easy-to-follow playbooks to instruct users on how to respond to their Duo alerts or reach out to Blumira’s SecOps team available 24/7 for critical priority issues.



Cigent Technologies: Utilizing Auth API, Cigent Data Defense™ adds Duo’s risk-based multi-factor authentication to shield sensitive data on user endpoints from access by cyber criminals and malware. The Cigent and Duo integration helps prevent the execution of ransomware, extortion, and data theft, reducing financial and reputational loss. Cigent integrates with both endpoint and SOC technologies to be threat aware. During a threat condition, or by policy for specified content types, users will be required to use multi-factor authentication to access protected files. Data protection policy can be set by file type (extension), folder, and partition (Cigent Secure Vault). The protection can also extend beyond files on the local PC, to cover file shares, clouds (e.g., OneDrive), and external media. Watch this webinar to learn more.



Oort: Identity-based attacks are on the rise, and security teams need improved ways to protect their ever-expanding identity infrastructure. Oort seamlessly connects via Auth API, Device API, and Admin API to an organization’s Duo instance, providing visibility into users, devices, authentications, and activities. Oort combines these with HR data and data from other IdPs and applications to create a single, unified user inventory. Oort continually monitors for posture weaknesses and identity threats, alerting security teams in near real-time and providing easy one-click response actions that leverage Duo’s APIs. This includes IP threats, MFA flood attacks, suspicious activity, and more. The Oort data science team creates and maintains these detections, enabling security teams to focus their time on what matters most.
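The Blumira and Oort paragraphs above describe detections built on Duo authentication logs (fraud reports, MFA bypass, unusually high numbers of MFA requests). The sketch below is an added example, not code from Duo, Blumira or Oort; the record field names and values are assumptions modelled on Duo authentication log entries, the sample records are constructed, and the window and threshold are illustrative.

```python
from collections import defaultdict, deque

def rec(ts, user, result, reason, factor="duo_push"):
    """Build one constructed log record (field names/values are assumptions)."""
    return {"timestamp": ts, "user": {"name": user}, "factor": factor,
            "result": result, "reason": reason}

# Constructed sample data, not real logs.
SAMPLE_LOGS = (
    [rec(1000 + 30 * i, "alice", "denied", "no_response") for i in range(5)]
    + [rec(1150, "alice", "success", "user_approved"),
       rec(1000, "bob", "denied", "no_response"),
       rec(5000, "bob", "denied", "no_response"),
       rec(5020, "bob", "success", "user_approved"),
       rec(2000, "carol", "fraud", "user_marked_fraud"),
       rec(3000, "dave", "success", "bypass_user", factor="not_available")]
)

def detect(logs, window=300, threshold=5):
    """Return sorted (user, finding) pairs for the given auth records."""
    findings = set()
    denied = defaultdict(deque)   # user -> timestamps of recent denied pushes
    for e in sorted(logs, key=lambda r: r["timestamp"]):
        user, ts = e["user"]["name"], e["timestamp"]
        result, reason = e["result"], e.get("reason")
        if result == "fraud" or reason == "user_marked_fraud":
            findings.add((user, "fraud_report"))
        if result == "success" and reason == "bypass_user":
            findings.add((user, "mfa_bypass"))
        if e.get("factor") != "duo_push":
            continue
        recent = denied[user]
        while recent and ts - recent[0] > window:
            recent.popleft()      # expire pushes outside the sliding window
        if result == "denied":
            recent.append(ts)
            if len(recent) >= threshold:
                findings.add((user, "push_flood"))
        elif result == "success" and len(recent) >= threshold:
            # An approval right after a burst of denials is the outcome a
            # push-fatigue attempt is after, so it is flagged separately.
            findings.add((user, "approval_after_flood"))
    return sorted(findings)

if __name__ == "__main__":
    for user, finding in detect(SAMPLE_LOGS):
        print(f"{user}: {finding}")
```

Two isolated denials an hour apart (bob) produce no finding, while the same count inside the window would; tune `window` and `threshold` against your own baseline before alerting on them.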



The benefits are clear:



  1. Leverage existing infrastructure: Embracing Duo’s integration capability allows organizations to effortlessly infuse our powerful security solutions into their current infrastructure. By doing so, you can maximize the value of your existing investments while fortifying your security posture.

  2. Scale with confidence: As your organization evolves and expands, you need a security solution that grows with you. Duo’s offerings are designed with scalability in mind, accommodating the needs of small businesses as well as large enterprises. Embrace growth without compromising on security.


Would you like to be next to build an integration with Duo?


We offer an open platform for anyone to come and build an integration with Duo at no cost. Vendors interested in becoming a Duo Technology Partner can apply here or contact [email protected] to learn more.


Additionally, GitHub libraries can be used out of the box to integrate quickly with Duo.





Source: cisco
Source Link: https://blogs.cisco.com/security/demystifying-duo-apis-advanced-security-with-duo-integrations





Copyright 2012 through 2024 - National Cyber Warfare Foundation - All rights reserved worldwide.