ScanCloud APIs and Kits makes it easy for developers to more securely process unknown entities such as URLs, files, emails with confidence and secure their applications from being exploited by malicious actors.
ScanCloud believes that a tools like ScanCloud Internet Entities Info Kit will cater to two key problem statements
Users of cloud based applications and platforms are increasinging asking for security credibility of such applications.
If an application is in the business of handling internet entities such as URLs, Emails, uploads/downloaded files etc, then the application is expected to ensure that it does not accept or share malware, phishing URLs or guides users to malicious sites.
An application will lose credibility very quickly if it is found to be compromising security of customer IT assets and it will loose credibility fairly quickly if it is not able to show how it is mitigating such risks.
Zero trust security means that no one is trusted by default. So no users or machines or application interactions should be automatically trusted.
Humans are likely the weakest link in Security strategy. Trust no users, whether in or outside the organization’s network. Limit, monitor and validate any user interactions with your application. If the application has file upload/download functionality, it is imperative to block malicious actors in the boundary to ensure your infrastructure remains secure. Attackers may want to exploit the File upload functionality and upload malicious files or Application users/customers/subscribers may unknowingly upload the malware to your infrastructure.
Due to supply chain attack trends like Solarwinds, A large number of interactions between cloud applications going forward are expected to be happening in a zero trust environment ie., applications not trusting the interactions from other applications or zero trust between applications.. Post solarwinds, most applications will operate on Verify then trust model of exchanging information with the other applications. One area of defence is to ensure the entities are scanned in the boundary between the applications. However, such applications may not have their own database of security information to decide whether to trust the interaction with the third party or not.
Hence there is a need for reliable third party Security scanning API/Kit that helps them make such decisions with ease.
ScanCloud Entity Security Information Kit is a collection of language based libraries and tools that can be used by a multitude of developers to integrate from within their applications.
- Integrate the ScanCloud Kit into the application
These Kit function calls are made as a subsequent step as and when an “entity of interest” is being processed, Some of the examples could be
- Upload/Download of certain types of files
- Submission of URLs that are displayed publicly or processed for certain steps
- Email attachments (Upload or download)
ScanCloud documentation provides for multiple types of integration that might be available for these integrations to happen.
- Configure the service parameters of ScanCloud Kit
For privacy and security, developers can register in ScanCloud.com, login with registered username to create an API key to use as a service parameter with your integration code. This will create a new instance of the scan client with your private API key specific to the application.
As the application containing the ScanCloud Kit makes a call through the ScanCloud API, inside an expected SLA, the SDK will try to provide a response to the required information about this entity. This information can be used to make the determination for the appropriate course of action by the application
Numerous Call/Response examples are provided along with the ScanCloud Kit for the ease of integration and usage
- Application processing of response
Once the security information is received about an entity by the application, the application will take a decision on the flow to choose. It may choose to go forward on the normal course despite the adverse security information, as it may deem it to be not enough. ScanCloud Kit will provide such guidance for usage.
- Managing and Monitoring plugin Integration
ScanCloud believes in vendor neutrality and provides an option to choose from several mainstream security SAAS providers(For ex: Crowdstrike, urlscan.io, cloudmervice. etc.,) from ScanCloud Console - The integrations/plugins are managed via a central console with an option to switch to different security SAAS providers, monitor activity, generate reports and do retrospective threat analysis.