Application programming interface: our User API
In the IT development process, sooner or later we come across API services, which stands for Application Programming Interface. To date it is impossible to imagine IT development without. With the API it is possible to connect a service to an application and integrate it efficiently. Before introducing the specific APIs of the Cloud Server service, it is good to know broadly what an API is and why they are so used in computer science.
What is an API and how does it work?
An Application Programming Interface is like an open language, whose rules are shared by a certain service. By teaching the rules of language to an application, it can communicate with the service and access all the functions and data that are available.
Speaking a little more formal: the API is an interface that allows an app to interact with an external service through a set of commands. It is not necessary to know the internal logic of the service, just use a simple command and the service will return the requested data.
I want to propose an analogy that can be useful to understand this tool. When you enter a restaurant and talk to a waiter, you can order the dishes, ask questions on the menu, ask for the bill and so on. This person is like a filter that separates you from all the complications behind the scenes. You won’t have to worry about dishes, ovens, staff or food reserves. The waiter becomes the interface that allows you to take advantage of all the services, without having to worry about how a restaurant works. Here, the waiter can be interpreted as the API of the restaurant.
The specific command, the request (or call) method and the syntax to be used, are information described in the documentation of the service that offers the application programming interfaces.
This powerful tool is now everywhere, so much so that often we do not even realize how many services we use via API. Mainly application programming interfaces are a great way to do one of the following:
Exchange of data
In the restaurant example, asking the waiter a question is like exchanging data. It would be like an answer to a question regarding the data made available.
Hide complex parts and perform operations
In the restaurant example, you don’t need to know how to cook a perfect lasagna, you will just order it. The request requires that the service provide a product, not simply raw data.
For example, in mobile operating systems, widgets, which display useful information on the screen as part of the background, are used through APIs. The OS requires the app that provides the widget, all the information it needs to correctly show this functionality. This is also done via API.
Since it is the OS that manages the authorizations for the use of the various hardware components, it is in charge of requesting the user for authorization to share a component. The SO is therefore responsible for the security and management of the data collected by the sensors of the mobile phone.
To learn more about the API topic, we share an explanation video from the Simply Explained channel.
Secure Online Desktop User API
Secure Online Desktop provides its User API to enable complete control of your account and services from your apps / systems. Through the HTTP REST API made available, it is also possible to resell the services with the white label formula, thus being able to brand the services in complete freedom.
HTTP REST API
This type of API is characterized by communication via HTTP protocol and compliance with architectural principles defined as REpresentational State Transfer. If the HTTP protocol and its communication methods are well known and widely understood, perhaps it is good to mention the REST principles.
In a university analysis published as a thesis by Roy Fielding, the principles for a software architecture that would allow us to see the Web as a distributed computing platform were analyzed. According to this analysis, which hypothesized a generic architecture, the Web was found to have all that is needed to be considered a perfect platform for distributed processing.
A set of API which respects the REST logic hypothesized in 2000 by Roy Fielding, is called RESTful API. Although the terms create confusion, in reality they perfectly reflect the concept that REST is not a technology or a language, but are simply guidelines that can be respected or not.
Our APIs are offered specifically to offer the possibility to our customers to offer our services in white label mode. This means that our services can be offered to the customers of our customers, without them realizing anything.
The practice of white label, in fact, consists precisely in offering products without brands, with the specific aim of encouraging the rebranding of the service. Another interesting advantage derived from the use of APIs.
In addition to the possibility of offering our services to your customers in white label, you can also use the API to implement the services directly in your apps, expanding the available development possibilities.
The APIs are offered with complete documentation of all the request methods offered. A multitude of different API calls are allowed including management of users, domains, DNS, virtual machines and much more.
Summarizing, through SOD’s HTTP REST API it is possible:
1. implement access to virtual machines, hypervisors, network, disks, backups and much more in their applications
2. offer our re-branded services to your customers
- The SOAR benefits: simplifying investigation and response
- Security Code Review: How the service works
- Integration of the automated response: the automations in SOCaaS
- Coordination between CTI and SOC: how to further raise the defenses
- New Cloud Server: redundant internet
- Quality certificate for the SOCaaS of SOD
- Managed Detection and Response: a new preventive approach
- CLUSIT: our collaboration for better services
- Backup as a Service (17)
- Cloud Conference (3)
- Cloud CRM (1)
- Cloud Server/VPS (22)
- Conferenza Cloud (4)
- ICT Monitoring (5)
- Log Management (2)
- News (21)
- ownCloud (4)
- Privacy (7)
- Secure Online Desktop (14)
- Security (170)
- Web Hosting (15)
- What CISOs Can Do About Brand Impersonation Scam Sites February 3, 2023Apply these nine tips to proactively fight fraudulent websites that use your brand to rip people off.
- Iran-Backed Actor Behind 'Holy Souls' Cyberattack on Charlie Hebdo, Microsoft Says February 3, 2023The January attack was in retaliation for the satirical French magazine's decision to launch a cartoon contest to lampoon Iran's Supreme Leader.
- Scores of Redis Servers Infested by Sophisticated Custom-Built Malware February 3, 2023At least 1,200 Redis servers worldwide have been infected with "HeadCrab" cryptominers since 2021.
- How the Cloud Is Shifting CISO Priorities February 3, 2023The greatly expanding attack surface created by the cloud needs to be protected.
- MITRE Releases Tool to Design Cyber-Resilient Systems February 3, 2023Engineers can use the Cyber Resiliency Engineering Framework Navigator to visuzalize their cyber-resiliency capabilities.
- Hornetsecurity Combats QR Code Phishing With Launch of New Technology February 2, 2023
- Korelock Launches IOT Smart Lock Technology Company February 2, 2023Denver-based business secures Series A Funding through partnerships with Iron Gate Capital and Kozo Keikaku Engineering.
- Cyberattack on Fintech Firm Disrupts Derivatives Trading Globally February 2, 2023The Russia-linked LockBit ransomware group claims to be behind the attack that fouled automated transactions for dozens of clients of financial technology firm ION Group.
- 6 Examples of the Evolution of a Scam Site February 2, 2023Examining some key examples of recently found fraud sites that target the lucrative retail shoe industry helps us understand how brand impersonation sites evolve.
- Rising 'Firebrick Ostrich' BEC Group Launches Industrial-Scale Cyberattacks February 2, 2023The group's wanton attacks demonstrate that business email compromise is everything a hacker can want in one package: low risk, high reward, quick, easy, and low effort.
- Trovent Security Advisory 2203-01 / Micro Focus GroupWise transmits session ID in URL January 31, 2023Posted by Stefan Pietsch on Jan 30# Trovent Security Advisory 2203-01 # ##################################### Micro Focus GroupWise transmits session ID in URL ################################################# Overview ######## Advisory ID: TRSA-2203-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2203-01 Affected product: Micro Focus GroupWise Affected version: prior to 18.4.2 Vendor: Micro Focus, https://www.microfocus.com...
- APPLE-SA-2023-01-24-1 tvOS 16.3 January 27, 2023Posted by Apple Product Security via Fulldisclosure on Jan 26APPLE-SA-2023-01-24-1 tvOS 16.3 tvOS 16.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213601. AppleMobileFileIntegrity Available for: Apple TV 4K (all models) and Apple TV HD Impact: An app may be able to access user-sensitive data Description: This issue was addressed […]
- [SYSS-2022-047] Razer Synapse - Local Privilege Escalation January 27, 2023Posted by Oliver Schwarz via Fulldisclosure on Jan 26Advisory ID: SYSS-2022-047 Product: Razer Synapse Manufacturer: Razer Inc. Affected Version(s): Versions before 3.7.0830.081906 Tested Version(s): 3.7.0731.072516 Vulnerability Type: Improper Certificate Validation (CWE-295) Risk Level: High Solution Status: Open Manufacturer Notification: 2022-08-02 Solution Date: 2022-09-06 Public Disclosure:...
- t2'23: Call For Papers 2023 (Helsinki, Finland) January 24, 2023Posted by Tomi Tuominen via Fulldisclosure on Jan 23Call For Papers 2023 Tired of your bosses suspecting conference trips to exotic locations being just a ploy to partake in Security Vacation Club? Prove them wrong by coming to Helsinki, Finland on May 4-5 2023! Guaranteed lack of sunburn, good potential for rain or slush. In […]
- Re: HNS-2022-01 - HN Security Advisory - Multiple vulnerabilities in Solaris dtprintinfo and libXm/libXpm January 24, 2023Posted by Marco Ivaldi on Jan 23Hello again, Just a quick update. Mitre has assigned the following additional CVE IDs: * CVE-2023-24039 - Stack-based buffer overflow in libXm ParseColors * CVE-2023-24040 - Printer name injection and heap memory disclosure We have updated the advisory accordingly: https://github.com/hnsecurity/vulns/blob/main/HNS-2022-01-dtprintinfo.txt Regards, Marco
- APPLE-SA-2023-01-23-8 Safari 16.3 January 24, 2023Posted by Apple Product Security via Fulldisclosure on Jan 23APPLE-SA-2023-01-23-8 Safari 16.3 Safari 16.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213600. WebKit Available for: macOS Big Sur and macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: The issue was addressed with […]
- APPLE-SA-2023-01-23-7 watchOS 9.3 January 24, 2023Posted by Apple Product Security via Fulldisclosure on Jan 23APPLE-SA-2023-01-23-7 watchOS 9.3 watchOS 9.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213599. AppleMobileFileIntegrity Available for: Apple Watch Series 4 and later Impact: An app may be able to access user-sensitive data Description: This issue was addressed by enabling hardened […]
- APPLE-SA-2023-01-23-6 macOS Big Sur 11.7.3 January 24, 2023Posted by Apple Product Security via Fulldisclosure on Jan 23APPLE-SA-2023-01-23-6 macOS Big Sur 11.7.3 macOS Big Sur 11.7.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213603. AppleMobileFileIntegrity Available for: macOS Big Sur Impact: An app may be able to access user-sensitive data Description: This issue was addressed by enabling […]
- APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3 January 24, 2023Posted by Apple Product Security via Fulldisclosure on Jan 23APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3 macOS Monterey 12.6.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213604. AppleMobileFileIntegrity Available for: macOS Monterey Impact: An app may be able to access user-sensitive data Description: This issue was addressed by enabling hardened runtime. CVE-2023-23499: […]
Estimated reading time: 6 minutes L'impatto crescente delle minacce informatiche, su sistemi operativi privati op… https://t.co/FimxTS4o9G
Estimated reading time: 6 minutes The growing impact of cyber threats, on private or corporate operating systems… https://t.co/y6G6RYA9n1
Tempo di lettura stimato: 6 minuti Today we are talking about the CTI update of our services. Data security is… https://t.co/YAZkn7iFqa
Estimated reading time: 6 minutes Il tema della sicurezza delle informazioni è di grande attualità in questo peri… https://t.co/tfve5Kzr09
Estimated reading time: 6 minutes The issue of information security is very topical in this historical period ch… https://t.co/TP8gvdRcrF