Cloudmersive Security (Preview)

Reference

The security APIs help you detect and block security threats.

This connector is available in the following products and regions:

Service	Class	Regions
Logic Apps	Standard	All Logic Apps regions except the following: - Azure Government regions - Azure China regions - US Department of Defense (DoD)
Power Automate	Premium	All Power Automate regions except the following: - US Government (GCC) - US Government (GCC High) - China Cloud operated by 21Vianet - US Department of Defense (DoD)
Power Apps	Premium	All Power Apps regions except the following: - US Government (GCC) - US Government (GCC High) - China Cloud operated by 21Vianet - US Department of Defense (DoD)

Contact
Name	Cloumdersive Support
URL	https://account.cloudmersive.com/contact-support
Email	support@cloudmersive.com

Connector Metadata
Publisher	Cloudmersive, LLC
Website	https://cloudmersive.com/security-threat-detection-api
Privacy policy	https://www.cloudmersive.com/privacy-policy
Categories	Security

This connector is critical for detecting and blocking the most common security threats to your business. Cloudmersive Security Threat Detection provides coverage for the most common types of security threats in one powerful connector. You can learn more at the Security Threat Detection API page.

Prerequisites

To use the Security Threat Detection connector, you need a Cloudmersive account and API Key. You can sign up for a free account or choose from one of the available paid plans.

How to get credentials?

You can sign up with a Microsoft Account or create a Cloudmersive account. Follow the steps below to get your API Key.

Here you can create and see your API key(s) listed on the API Keys page. Simply copy and paste this API Key into the Cloudmersive Security Connector.

Now you are ready to start using the Cloudmersive Security Connector.

Creating a connection

The connector supports the following authentication types:


Default	Parameters for creating connection.	All regions	Not shareable

Default

Applicable: All regions

Parameters for creating connection.

This is not shareable connection. If the power app is shared with another user, another user will be prompted to create new connection explicitly.

Name	Type	Description	Required
API Key (from https://cloudmersive.com)	securestring	The Api Key for this API	True

Throttling Limits

Name	Calls	Renewal Period
API calls per connection	100	60 seconds

Actions

Automatically detect threats in an input string	Auto-detects a wide range of threat types in input string, including Cross-Site Scripting (XSS), SQL Injection (SQLI), XML External Entitites (XXE), Server-side Request Forgeries (SSRF), and JSON Insecure Deserialization (JID).
Check a URL for Server-side Request Forgery (SSRF) threats	Checks if an input URL is at risk of being an SSRF (Server-side request forgery) threat or attack.
Check if IP address is a Bot client threat	Check if the input IP address is a Bot, robot, or otherwise a non-user entity. Leverages real-time signals to check against known high-probability bots..
Check if IP address is a known threat	Check if the input IP address is a known threat IP address. Checks against known bad IPs, botnets, compromised servers, and other lists of threats.
Check if IP address is a Tor node server	Check if the input IP address is a Tor exit node server. Tor servers are a type of privacy-preserving technology that can hide the original IP address who makes a request.
Check text input for SQL Injection (SQLI) attacks	Detects SQL Injection (SQLI) attacks from text input.
Detect Insecure Deserialization JSON (JID) attacks in a string	Detects Insecure Deserialization JSON (JID) attacks from text input.
Protect text input from Cross-Site-Scripting (XSS) attacks through normalization	Detects and removes XSS (Cross-Site-Scripting) attacks from text input through normalization. Returns the normalized result, as well as information on whether the original input contained an XSS risk.
Protect text input from XML External Entity (XXE) attacks	Detects XXE (XML External Entity) attacks from XML text input.

Automatically detect threats in an input string

Operation ID:: ContentThreatDetection_AutomaticThreatDetectionString

Auto-detects a wide range of threat types in input string, including Cross-Site Scripting (XSS), SQL Injection (SQLI), XML External Entitites (XXE), Server-side Request Forgeries (SSRF), and JSON Insecure Deserialization (JID).

Parameters

Name	Key	Required	Type	Description
User-facing text input.	value	True	string	User-facing text input.

Returns

Result of performing an Insecure Deserialization JSON protection operation

Body: StringAutomaticThreatDetection

Check a URL for Server-side Request Forgery (SSRF) threats

Operation ID:: NetworkThreatDetection_DetectSsrfUrl

Checks if an input URL is at risk of being an SSRF (Server-side request forgery) threat or attack.

Parameters

Name	Key	Required	Type	Description
URL	URL		string	URL to validate
BlockedDomains	BlockedDomains		array of string	Top level domains that you do not want to allow access to, e.g. mydomain.com - will block all subdomains as well

Returns

Result of checking a URL for SSRF threats

Body: UrlSsrfThreatDetectionResponseFull

Check if IP address is a Bot client threat

Operation ID:: NetworkThreatDetection_IsBot

Check if the input IP address is a Bot, robot, or otherwise a non-user entity. Leverages real-time signals to check against known high-probability bots..

Parameters

Name	Key	Required	Type	Description
IP address to check, e.g. "55.55.55.55". The input is a string so be	value	True	string	IP address to check, e.g. "55.55.55.55". The input is a string so be

Returns

Result of performing a Bot check on an IP address

Body: ThreatDetectionBotCheckResponse

Check if IP address is a known threat

Operation ID:: NetworkThreatDetection_IsThreat

Check if the input IP address is a known threat IP address. Checks against known bad IPs, botnets, compromised servers, and other lists of threats.

Parameters

Name	Key	Required	Type	Description
IP address to check, e.g. "55.55.55.55". The input is a string so be	value	True	string	IP address to check, e.g. "55.55.55.55". The input is a string so be

Returns

Result of performing a IP threat check on an IP address

Body: IPThreatDetectionResponse

Check if IP address is a Tor node server

Operation ID:: NetworkThreatDetection_IsTorNode

Check if the input IP address is a Tor exit node server. Tor servers are a type of privacy-preserving technology that can hide the original IP address who makes a request.

Parameters

Name	Key	Required	Type	Description
IP address to check, e.g. "55.55.55.55". The input is a string so be	value	True	string	IP address to check, e.g. "55.55.55.55". The input is a string so be

Returns

Result of performing a Tor node check on an IP address

Body: ThreatDetectionTorNodeResponse

Check text input for SQL Injection (SQLI) attacks

Operation ID:: ContentThreatDetection_CheckSqlInjectionString

Detects SQL Injection (SQLI) attacks from text input.

Parameters

Name	Key	Required	Type	Description
User-facing text input.	value	True	string	User-facing text input.

Returns

Result of performing an SQL Injection protection operation

Body: StringSqlInjectionDetectionResult

Detect Insecure Deserialization JSON (JID) attacks in a string

Operation ID:: ContentThreatDetection_DetectInsecureDeserializationJsonString

Detects Insecure Deserialization JSON (JID) attacks from text input.

Parameters

Name	Key	Required	Type	Description
User-facing text input.	value	True	string	User-facing text input.

Returns

Result of performing an Insecure Deserialization JSON protection operation

Body: StringInsecureDeserializationJsonDetection

Protect text input from Cross-Site-Scripting (XSS) attacks through normalization

Operation ID:: ContentThreatDetection_ProtectXss

Detects and removes XSS (Cross-Site-Scripting) attacks from text input through normalization. Returns the normalized result, as well as information on whether the original input contained an XSS risk.

Parameters

Name	Key	Required	Type	Description
User-facing text input.	value	True	string	User-facing text input.

Returns

Result of performing an XSS protection operation

Body: StringXssProtectionResult

Protect text input from XML External Entity (XXE) attacks

Operation ID:: ContentThreatDetection_CheckXxe

Detects XXE (XML External Entity) attacks from XML text input.

Parameters

Name	Key	Required	Type	Description
User-facing text input.	value	True	string	User-facing text input.

Returns

Result of performing an XXE threat detection operation

Body: StringXxeDetectionResult

Definitions

StringAutomaticThreatDetection

Result of performing an Insecure Deserialization JSON protection operation

Name	Path	Type	Description
Successful	Successful	boolean	True if the operation was successful, false otherwise
CleanResult	CleanResult	boolean
ContainedJsonInsecureDeserializationAttack	ContainedJsonInsecureDeserializationAttack	boolean	True if the input contained Insecure Deserialization JSON, false otherwise
ContainedXssThreat	ContainedXssThreat	boolean	True if the input contained XSS attack, false otherwise
ContainedXxeThreat	ContainedXxeThreat	boolean	True if the input contained XXE attack, false otherwise
ContainedSqlInjectionThreat	ContainedSqlInjectionThreat	boolean	True if the input contained SQL Injection attack, false otherwise
ContainedSsrfThreat	ContainedSsrfThreat	boolean	True if the input contained an Server-Side Request Forgery (SSRF) URL attack, false otherwise
IsXML	IsXML	boolean	True if the input string is XML, false otherwise
IsJSON	IsJSON	boolean	True if the input string is JSON, false otherwise
IsURL	IsURL	boolean	True if the input string is a URL, false otherwise
OriginalInput	OriginalInput	string	Original input string

StringInsecureDeserializationJsonDetection

Result of performing an Insecure Deserialization JSON protection operation

Name	Path	Type	Description
Successful	Successful	boolean	True if the operation was successful, false otherwise
ContainedJsonInsecureDeserializationAttack	ContainedJsonInsecureDeserializationAttack	boolean	True if the input contained Insecure Deserialization JSON, false otherwise
OriginalInput	OriginalInput	string	Original input string

StringSqlInjectionDetectionResult

Result of performing an SQL Injection protection operation

Name	Path	Type	Description
Successful	Successful	boolean	True if the operation was successful, false otherwise
ContainedSqlInjectionAttack	ContainedSqlInjectionAttack	boolean	True if the input contained SQL Injection attacks, false otherwise
OriginalInput	OriginalInput	string	Original input string

StringXssProtectionResult

Result of performing an XSS protection operation

Name	Path	Type	Description
Successful	Successful	boolean	True if the operation was successful, false otherwise
ContainedXss	ContainedXss	boolean	True if the input contained XSS scripting, false otherwise
OriginalInput	OriginalInput	string	Original input string
NormalizedResult	NormalizedResult	string	Normalized string result, with XSS removed

StringXxeDetectionResult

Result of performing an XXE threat detection operation

Name	Path	Type	Description
Successful	Successful	boolean	True if the operation was successful, false otherwise
ContainedXxe	ContainedXxe	boolean	True if the input contained XXE threats, false otherwise

UrlSsrfThreatDetectionResponseFull

Result of checking a URL for SSRF threats

Name	Path	Type	Description
CleanURL	CleanURL	boolean	True if the URL is clean, false if it is at risk of containing an SSRF threat or attack
ThreatLevel	ThreatLevel	string	Threat level of the URL; possible values are High, Medium, Low and None

IPThreatDetectionResponse

Result of performing a IP threat check on an IP address

Name	Path	Type	Description
IsThreat	IsThreat	boolean	True if the input IP address is a threat, false otherwise
ThreatType	ThreatType	string	Specifies the type of IP threat; possible values include Blocklist, Botnet, WebBot

ThreatDetectionBotCheckResponse

Result of performing a Bot check on an IP address

Name	Path	Type	Description
IsBot	IsBot	boolean	True if the input IP address is a Bot or Robot, false otherwise

ThreatDetectionTorNodeResponse

Result of performing a Tor node check on an IP address

Name	Path	Type	Description
IsTorNode	IsTorNode	boolean	True if the input IP address is a Tor exit node, false otherwise

Cloudmersive Security (Preview)

Prerequisites

How to get credentials?

Creating a connection

Default

Throttling Limits

Actions

Automatically detect threats in an input string

Parameters

Returns

Check a URL for Server-side Request Forgery (SSRF) threats

Parameters

Returns

Check if IP address is a Bot client threat

Parameters

Returns

Check if IP address is a known threat

Parameters

Returns

Check if IP address is a Tor node server

Parameters

Returns

Check text input for SQL Injection (SQLI) attacks

Parameters

Returns

Detect Insecure Deserialization JSON (JID) attacks in a string

Parameters

Returns

Protect text input from Cross-Site-Scripting (XSS) attacks through normalization

Parameters

Returns

Protect text input from XML External Entity (XXE) attacks

Parameters

Returns

Definitions

StringAutomaticThreatDetection

StringInsecureDeserializationJsonDetection

StringSqlInjectionDetectionResult

StringXssProtectionResult

StringXxeDetectionResult

UrlSsrfThreatDetectionResponseFull

IPThreatDetectionResponse

ThreatDetectionBotCheckResponse

ThreatDetectionTorNodeResponse

Ressources supplémentaires