Lets Automate It

from Josh Rickard

Understanding HTTP Request Headers

2022-06-21 dfir Josh Rickard
Table of Contents Summary Introduction Setup General Headers Cache-Control Connection Transfer-Encoding Request Headers Common Request Headers Accept Accept-Encoding Authorization User-Agent Response Headers Common Response Headers Location Vary Server WWW-Authenticate Metadata Headers Common Metadata Headers Allow Content-Encoding Content-Type Conclusion Summary Networking is complex. Whether you are troubleshooting network connectivity or attempting to detect malicious external network communications, understanding the nuances of common HTTP requests is extremely helpful but often it can be difficult for many security and IT professionals. Continue reading

Common Rest Api Authentication Methods Explained

2021-04-21 swimlane Josh Rickard
When it comes to implementing automation and orchestration, it is critical to understand how authentication works with APIs. The majority of the products in your environment likely have some sort of authentication mechanism. You need to know the nuances and differences between various authentication methods in order to automate communications with those APIs. In this blog post, I aim to help you understand by breaking down three different API authentication methods. Continue reading

Understanding APIs: SOAP

2019-10-24 swimlane Josh Rickard
In my previous post, I talked about the basics of REST (representable state transfer) APIs (application programming interfaces). If you haven’t read it yet, I highly recommend you read that post before continuing. In this post, we will be talking about the basics of simple object access protocol (SOAP) APIs, and we will primarily focus on a real SOAP service: Microsoft Exchange Web Services. RESTful APIs, which are the most commonly used APIs today, are powerful and provide a simple way to interact with a service or application via an exposed interface. Continue reading

Understanding APIs: REST

2019-10-17 swimlane Josh Rickard
Security orchestration, automation and response (SOAR) platforms rely heavily on APIs (application programming interfaces) to drive orchestration of disparate security tools (products) and invoke desired responses in the form of actions. Besides SOAR products, APIs are commonplace among almost all services, tools, and products used by technical workers. Even though APIs are extremely common, you may not have experience using them or even know that a service has one when interacting with it. Continue reading