We’re excited to announce the launch of the SecureFlag Knowledge Base Third-Party Integration! Our team recently published a new public API for third-party vendors to seamlessly integrate with SecureFlag content and labs, delivering just-in-time security training to their customers.
At SecureFlag, our mission is to close the gap between developers and security professionals, knowing full well how disruptive it is to be torn away from a time-sensitive task only to spend endless hours diving down security rabbit holes.
Well, no more Alice entangled in the Wonderland of the interwebs! Our integration enables software applications to consume SecureFlag’s Security Knowledge Base. The SecureFlag Knowledge Base Open API is publicly available, allowing developers and other organisations to build applications that can benefit from integrating with SecureFlag’s hands-on Labs and other resources.
By integrating with the SecureFlag API, once a security tool finds a security vulnerability, it’s possible to provide information to the Developer on how to fix that vulnerability (immediately) alongside an example lab in which the Developer can practice before performing the remediation. Since all the information on how to fix the vulnerability is available to the Developer, this greatly reduces the time it takes to remediate a security exposure.
Let’s explore the types of services that can integrate with SecureFlag, and provide guidance on how to integrate our API into various systems.
The SecureFlag Knowledge Base Open API is designed to work with a wide range of products, including but not limited to:
Whichever tool you administer, add the capability to fetch our up-to-date JSON and process it to map vulnerability information to contextual SecureFlag vulnerability references and hands-on labs.
Start by fetching the data from our SecureFlag Knowledge Base Open API by querying the following URL.
The JSON has a list of objects similar to this.
You can go through the list of objects to find the right SecureFlag resources based on your inputs, which can be one or more of the following fields:
Once you’ve found the correct entry, you can extract the SecureFlag resource’s URLs and other useful information:
Based on this JSON, you can map your input data and retrieve related URLs for the written vulnerability reference from our knowledge-base website, as well as URLs to immediately run hands-on labs associated with the input vulnerability.
In addition to our open API, we’ve also developed ready-to-use integrations with popular platforms such as Jira, GitHub, GitLab, Azure Boards, Slack, and SonarQube. By leveraging these integrations, you can further streamline your security training processes and make it even easier for your team to access SecureFlag’s resources.
The SecureFlag Knowledge Base Open API is a powerful tool that enables third-party vendors to access and integrate with our content and labs, providing tailored security training for Developers, DevOps, Cloud, and QA engineers. By using our API, you can enhance your security offerings and help your users build the skills necessary to create secure software.