The nature of modern SaaS adoption is highly distributed, from where your workforce is located to who chooses and governs the tools they use. Users are distributed across continents, SaaS administrators can be found in any department, and any employee has the power to extend their organization’s attack surface in just a few clicks. At Nudge Security, our approach has always been to work within the understanding that SaaS is decentralized rather than fighting against this reality.Â
‍
We also know that the way organizations secure and govern and consume information about your SaaS estate is also decentralized, with data divided between your identity provider, IT work systems, compliance tools, SSO providers, and beyond. Today, Nudge Security is once again extending our platform to embrace the reality of modern work and empower you to centralize SaaS security and governance with our new public API.
‍
With our API, Nudge Security can be the nexus of your SaaS security and governance ecosystem by enabling you to connect to your other critical tools. Now you can not only maintain a single source of truth in Nudge Security, but also seamlessly connect it to the rest of your stack.Â
‍
“Using the Nudge Security API, we’ve been able to speed up security processes and connect data silos for faster, risk-informed decision making,” said GridX Team Lead Security Alei Salem. “We’re excited by the possibilities the API unlocks for our team.”
‍
Watch the tutorial below for a quick introduction, or read on for more examples of how your organization can use our API.Â
‍
‍
Searching through multiple systems for information about your SaaS attack surface can slow down your team, lead to data silos, and impede your ability to make effective security and governance decisions. Our API enables you to send Nudge Security data to other tools within your security ecosystem for more complete SaaS attack surface visibility and governance.Â
‍
You can retrieve data in Nudge Security about your apps, accounts, security events, fields, user groups, labels, and notifications via our REST API for easy integration with other solutions. (Dig into our API documentation for more granular detail on functionality.)
‍
For example, ingesting all Nudge Security events into your SIEM and SOAR tools via our events endpoint enables you to correlate these events with other datasets, giving you a more complete understanding of what’s happening in your environment and helping your team take action quickly to anything that arises. When Nudge Security identifies a data breach affecting an app in your SaaS supply chain, your team can see and respond to that information from a central location instead of switching between systems.Â
‍
You can also send Nudge Security data to your favorite business intelligence tool to report on it alongside the rest of your organization’s security data, giving you a more complete picture of your compliance readiness or progress toward key metrics.Â
‍
When your tools can’t talk to each other, your team is left juggling the manual work of keeping multiple systems up to date. Our API reduces that burden by enabling you to add, update, or delete fields and labels for any app or account within Nudge Security. You can update allowed values for existing fields, such as approval statuses, or create your own custom fields or labels to add additional context.Â
‍
For example, let’s say you integrate Nudge Security with a ticketing system like Service Now or Jira. When you complete an application onboarding or approval process tracked in your ticketing system, you can use the API to update the app’s approval status within Nudge Security. You can also easily send Nudge Security notifications to your ticketing system to track any associated work.
‍
With custom fields and labels, you can add your own classifications based on another external source. For example, you could add custom attributes to track renewal dates or identify cost centers to help your organization track and manage license costs. You can query these custom attributes using the API.Â
‍
APIs are meant to be built on, and our API enables you to craft your own solution to any number of use cases. In addition to the common examples described above, here are just a few ideas based on use cases from Nudge Security customers:
‍
‍
To get started, simply generate an API token within Settings in Nudge Security. (You can revoke access just as easily—and tokens will expire automatically after four weeks of inactivity.) Learn more about how you can retrieve data or modify fields in Nudge Security in our API documentation in Readme.io, which can be used with multiple programming languages.Â
‍
Find out how else Nudge Security can help you meet your SaaS security and governance goals. Start your free 14-day trial today.
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.
Block quote
Ordered list
Unordered list
Bold text
Emphasis
Superscript
Subscript