Giacomo Lanzi
Application programming interface: our User API
In the IT development process, sooner or later we come across API services, which stands for Application Programming Interface. To date it is impossible to imagine IT development without. With the API it is possible to connect a service to an application and integrate it efficiently. Before introducing the specific APIs of the Cloud Server service, it is good to know broadly what an API is and why they are so used in computer science.
What is an API and how does it work?
An Application Programming Interface is like an open language, whose rules are shared by a certain service. By teaching the rules of language to an application, it can communicate with the service and access all the functions and data that are available.
Speaking a little more formal: the API is an interface that allows an app to interact with an external service through a set of commands. It is not necessary to know the internal logic of the service, just use a simple command and the service will return the requested data.
I want to propose an analogy that can be useful to understand this tool. When you enter a restaurant and talk to a waiter, you can order the dishes, ask questions on the menu, ask for the bill and so on. This person is like a filter that separates you from all the complications behind the scenes. You won’t have to worry about dishes, ovens, staff or food reserves. The waiter becomes the interface that allows you to take advantage of all the services, without having to worry about how a restaurant works. Here, the waiter can be interpreted as the API of the restaurant.
The specific command, the request (or call) method and the syntax to be used, are information described in the documentation of the service that offers the application programming interfaces.
Purposes
This powerful tool is now everywhere, so much so that often we do not even realize how many services we use via API. Mainly application programming interfaces are a great way to do one of the following:
Exchange of data
In the restaurant example, asking the waiter a question is like exchanging data. It would be like an answer to a question regarding the data made available.
Hide complex parts and perform operations
In the restaurant example, you don’t need to know how to cook a perfect lasagna, you will just order it. The request requires that the service provide a product, not simply raw data.
Extend functionality
For example, in mobile operating systems, widgets, which display useful information on the screen as part of the background, are used through APIs. The OS requires the app that provides the widget, all the information it needs to correctly show this functionality. This is also done via API.
Increase security
Since it is the OS that manages the authorizations for the use of the various hardware components, it is in charge of requesting the user for authorization to share a component. The SO is therefore responsible for the security and management of the data collected by the sensors of the mobile phone.
To learn more about the API topic, we share an explanation video from the Simply Explained channel.
Secure Online Desktop User API
Secure Online Desktop provides its User API to enable complete control of your account and services from your apps / systems. Through the HTTP REST API made available, it is also possible to resell the services with the white label formula, thus being able to brand the services in complete freedom.
HTTP REST API
This type of API is characterized by communication via HTTP protocol and compliance with architectural principles defined as REpresentational State Transfer. If the HTTP protocol and its communication methods are well known and widely understood, perhaps it is good to mention the REST principles.
In a university analysis published as a thesis by Roy Fielding, the principles for a software architecture that would allow us to see the Web as a distributed computing platform were analyzed. According to this analysis, which hypothesized a generic architecture, the Web was found to have all that is needed to be considered a perfect platform for distributed processing.
A set of API which respects the REST logic hypothesized in 2000 by Roy Fielding, is called RESTful API. Although the terms create confusion, in reality they perfectly reflect the concept that REST is not a technology or a language, but are simply guidelines that can be respected or not.
White Label
Our APIs are offered specifically to offer the possibility to our customers to offer our services in white label mode. This means that our services can be offered to the customers of our customers, without them realizing anything.
The practice of white label, in fact, consists precisely in offering products without brands, with the specific aim of encouraging the rebranding of the service. Another interesting advantage derived from the use of APIs.
Conclusions
In addition to the possibility of offering our services to your customers in white label, you can also use the API to implement the services directly in your apps, expanding the available development possibilities.
The APIs are offered with complete documentation of all the request methods offered. A multitude of different API calls are allowed including management of users, domains, DNS, virtual machines and much more.
Summarizing, through SOD’s HTTP REST API it is possible:
1. implement access to virtual machines, hypervisors, network, disks, backups and much more in their applications
2. offer our re-branded services to your customers
Request further information or advice.
Useful links:
Share
RSS
More Articles…
- The SOAR benefits: simplifying investigation and response
- Security Code Review: How the service works
- Integration of the automated response: the automations in SOCaaS
- Coordination between CTI and SOC: how to further raise the defenses
- New Cloud Server: redundant internet
- Quality certificate for the SOCaaS of SOD
- Managed Detection and Response: a new preventive approach
- CLUSIT: our collaboration for better services
Categories …
- Backup as a Service (17)
- Acronis Cloud Backup (11)
- Veeam Cloud Connect (4)
- Cloud Conference (3)
- Cloud CRM (1)
- Cloud Server/VPS (22)
- Conferenza Cloud (4)
- ICT Monitoring (5)
- Log Management (2)
- News (21)
- ownCloud (4)
- Privacy (7)
- Secure Online Desktop (14)
- Security (170)
- Cyber Threat Intelligence (CTI) (6)
- Ethical Phishing (8)
- Penetration Test (5)
- SOCaaS (55)
- Vulnerabilities (84)
- Web Hosting (15)
Tags
Dark Reading
- PyPI's 2FA Requirements Don't Go Far Enough, Researchers Say June 2, 2023The Python Package Index will require developers to better secure their accounts as cyberattacks ramp up, but protecting the software supply chain will take more than that.
- 'PostalFurious' SMS Attacks Target UAE Citizens for Data Theft June 2, 2023SMS campaigns targeting members of the public in the United Arab Emirates have been detected.
- 'Picture-in-Picture' Obfuscation Spoofs Delta, Kohl's for Credential Harvesting June 2, 2023A recent campaign tricks victims into visiting credential harvesting sites by hiding malicious URLs behind photos advertising deals from trusted brands.
- Streamers Ditch Netflix for Dark Web After Password Sharing Ban June 2, 2023Disgruntled users are pursuing offers for "full Netflix access" at steeply discounted rates.
- Want Sustainable Security? Find Middle Ground Between Tech & Education June 2, 2023The winning recipe for sustainable security combines strategic user education and tactical automation of well-constructed processes.
- Apple Zero-Days, iMessage Used in 4-Year, Ongoing Spying Effort June 2, 2023Russia's FSB intelligence agency says the zero-click attacks range far beyond Kaspersky, and it has blamed them on the United States' NSA. Those allegations are thus far uncorroborated.
- How CISOs Can Manage the Intersection of Security, Privacy, And Trust June 2, 2023Integrating a subject rights request tool with security and compliance solutions can help identify potential data conflicts more efficiently and with greater accuracy.
- DNB Strengthens its Network Security Posture and Productivity With Ericsson Security Manager Solution June 1, 2023
- Cyversity and United Airlines to Provide Cybersecurity Training Scholarships to Cyversity Members June 1, 2023Program designed to equip women and underrepresented individuals with the necessary skills and knowledge to succeed in cybersecurity.
- Tel Aviv Stock Exchange Selects CardinalOps to Reduce Risk of Breaches Due to Undetected Attacks June 1, 2023Enables financial services firm to operationalize MITRE ATT&CK with Splunk and eliminate detection coverage gaps based on organizational risk and priorities.
Full Disclosure
- [CVE-2023-29459] FC Red Bull Salzburg App "at.redbullsalzburg.android.AppMode.Default.Splash.SplashActivity" Arbitrary URL Loading June 2, 2023Posted by Julien Ahrens (RCE Security) on Jun 02RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: FC Red Bull Salzburg App Vendor URL: https://play.google.com/store/apps/details?id=laola.redbull Type: Improper Authorization in Handler for Custom URL Scheme [CWE-939] Date found: 2023-04-06 Date published: 2023-06-01 CVSSv3 Score: 6.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) CVE: CVE-2023-29459...
- [RT-SA-2022-004] STARFACE: Authentication with Password Hash Possible June 1, 2023Posted by RedTeam Pentesting GmbH on Jun 01Advisory: STARFACE: Authentication with Password Hash Possible RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext passwords in an application's database […]
- CVE-2022-48336 - Buffer Overflow in Widevine Trustlet (PRDiagParseAndStoreData @ 0x5cc8) May 30, 2023Posted by Cyber Intel Security on May 301. INFORMATION -------------- [+] CVE : CVE-2022-48336 [+] Title : Buffer Overflow in Widevine Trustlet (PRDiagParseAndStoreData @ 0x5cc8) [+] Vendor : Google [+] Device : Nexus 6 [+] Affected component : Widevine [+] Publication date : March 2023 [+] Credits : CyberIntel Team 2. AFFECTED VERSIONS -------------------- 5.0.0 […]
- CVE-2022-48335 - Buffer Overflow in Widevine Trustlet (PRDiagVerifyProvisioning @ 0x5f90) May 30, 2023Posted by Cyber Intel Security on May 301. INFORMATION -------------- [+] CVE : CVE-2022-48335 [+] Title : Buffer Overflow in Widevine Trustlet (PRDiagVerifyProvisioning @ 0x5f90) [+] Vendor : Google [+] Device : Nexus 6 [+] Affected component : Widevine [+] Publication date : March 2023 [+] Credits : CyberIntel Team 2. AFFECTED VERSIONS -------------------- 5.0.0 […]
- CVE-2022-48334 - Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x7370) May 30, 2023Posted by Cyber Intel Security on May 301. INFORMATION -------------- [+] CVE : CVE-2022-48334 [+] Title : Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x7370) [+] Vendor : Google [+] Device : Nexus 6 [+] Affected component : Widevine [+] Publication date : March 2023 [+] Credits : CyberIntel Team 2. AFFECTED VERSIONS -------------------- 5.0.0 […]
- CVE-2022-48333 - Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x730c) May 30, 2023Posted by Cyber Intel Security on May 301. INFORMATION -------------- [+] CVE : CVE-2022-48333 [+] Title : Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x730c) [+] Vendor : Google [+] Device : Nexus 6 [+] Affected component : Widevine [+] Publication date : March 2023 [+] Credits : CyberIntel Team 2. AFFECTED VERSIONS -------------------- 5.0.0 […]
- CVE-2022-48332 - Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x6a18) May 30, 2023Posted by Cyber Intel Security on May 301. INFORMATION -------------- [+] CVE : CVE-2022-48332 [+] Title : Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x6a18) [+] Vendor : Google [+] Device : Nexus 6 [+] Affected component : Widevine [+] Publication date : March 2023 [+] Credits : CyberIntel Team 2. AFFECTED VERSIONS -------------------- 5.0.0 […]
- CVE-2022-48331 - Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x69b0) May 30, 2023Posted by Cyber Intel Security on May 301. INFORMATION -------------- [+] CVE : CVE-2022-48331 [+] Title : Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x69b0) [+] Vendor : Google [+] Device : Nexus 6 [+] Affected component : Widevine [+] Publication date : March 2023 [+] Credits : CyberIntel Team 2. AFFECTED VERSIONS -------------------- 5.0.0 […]
- SCHUTZWERK-SA-2022-001: Cross-Site-Scripting in Papaya Medical Viewer May 30, 2023Posted by Lennert Preuth via Fulldisclosure on May 30Title ===== SCHUTZWERK-SA-2022-001: Cross-Site-Scripting in Papaya Medical Viewer Status ====== PUBLISHED Version ======= 1.0 CVE reference ============= CVE-2023-33255 Link ==== https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2022-001/ Text-only version: https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2022-001.txt Further SCHUTZWERK advisories: https://www.schutzwerk.com/blog/tags/advisories/ Affected products/vendor...
- [RT-SA-2023-005] Pydio Cells: Server-Side Request Forgery May 30, 2023Posted by RedTeam Pentesting GmbH on May 30For longer running processes, Pydio Cells allows for the creation of jobs, which are run in the background. The job "remote-download" can be used to cause the backend to send a HTTP GET request to a specified URL and save the response to a new file. The response […]
Customers
Twitter FEED
Recent activity
-
SecureOnlineDesktop
Estimated reading time: 6 minutes L'impatto crescente delle minacce informatiche, su sistemi operativi privati op… https://t.co/FimxTS4o9G
-
SecureOnlineDesktop
Estimated reading time: 6 minutes The growing impact of cyber threats, on private or corporate operating systems… https://t.co/y6G6RYA9n1
-
SecureOnlineDesktop
Tempo di lettura stimato: 6 minuti Today we are talking about the CTI update of our services. Data security is… https://t.co/YAZkn7iFqa
-
SecureOnlineDesktop
Estimated reading time: 6 minutes Il tema della sicurezza delle informazioni è di grande attualità in questo peri… https://t.co/tfve5Kzr09
-
SecureOnlineDesktop
Estimated reading time: 6 minutes The issue of information security is very topical in this historical period ch… https://t.co/TP8gvdRcrF
Newsletter
Products and Solutions
Partners
Cloud Models
News
- The SOAR benefits: simplifying investigation and response April 18, 2022
- Security Code Review: How the service works April 13, 2022
- Integration of the automated response: the automations in SOCaaS April 11, 2022
- Coordination between CTI and SOC: how to further raise the defenses April 6, 2022
- New Cloud Server: redundant internet March 23, 2022
Google Reviews
About
Copyright © 2011 Secure Online Desktop s.r.l. All Rights Reserved.
VAT: 07485920966 “Cloud Computing services - Software cloud - Cloud server - VPS” Terms of ServicePrivacy Policy
ISO Certifications