Cloudmersive Security (Preview)
The security APIs help you detect and block security threats.
This connector is available in the following products and regions:
Service | Class | Regions |
---|---|---|
Logic Apps | Standard | All Logic Apps regions except the following: - Azure Government regions - Azure China regions - US Department of Defense (DoD) |
Power Automate | Premium | All Power Automate regions except the following: - US Government (GCC) - US Government (GCC High) - China Cloud operated by 21Vianet - US Department of Defense (DoD) |
Power Apps | Premium | All Power Apps regions except the following: - US Government (GCC) - US Government (GCC High) - China Cloud operated by 21Vianet - US Department of Defense (DoD) |
Contact | |
---|---|
Name | Cloumdersive Support |
URL | https://account.cloudmersive.com/contact-support |
support@cloudmersive.com |
Connector Metadata | |
---|---|
Publisher | Cloudmersive, LLC |
Website | https://cloudmersive.com/security-threat-detection-api |
Privacy policy | https://www.cloudmersive.com/privacy-policy |
Categories | Security |
This connector is critical for detecting and blocking the most common security threats to your business. Cloudmersive Security Threat Detection provides coverage for the most common types of security threats in one powerful connector. You can learn more at the Security Threat Detection API page.
Prerequisites
To use the Security Threat Detection connector, you need a Cloudmersive account and API Key. You can sign up for a free account or choose from one of the available paid plans.
How to get credentials?
You can sign up with a Microsoft Account or create a Cloudmersive account. Follow the steps below to get your API Key.
Here you can create and see your API key(s) listed on the API Keys page. Simply copy and paste this API Key into the Cloudmersive Security Connector.
Now you are ready to start using the Cloudmersive Security Connector.
Creating a connection
The connector supports the following authentication types:
Default | Parameters for creating connection. | All regions | Not shareable |
Default
Applicable: All regions
Parameters for creating connection.
This is not shareable connection. If the power app is shared with another user, another user will be prompted to create new connection explicitly.
Name | Type | Description | Required |
---|---|---|---|
API Key (from https://cloudmersive.com) | securestring | The Api Key for this API | True |
Throttling Limits
Name | Calls | Renewal Period |
---|---|---|
API calls per connection | 100 | 60 seconds |
Actions
Automatically detect threats in an input string |
Auto-detects a wide range of threat types in input string, including Cross-Site Scripting (XSS), SQL Injection (SQLI), XML External Entitites (XXE), Server-side Request Forgeries (SSRF), and JSON Insecure Deserialization (JID). |
Check a URL for Server-side Request Forgery (SSRF) threats |
Checks if an input URL is at risk of being an SSRF (Server-side request forgery) threat or attack. |
Check if IP address is a Bot client threat |
Check if the input IP address is a Bot, robot, or otherwise a non-user entity. Leverages real-time signals to check against known high-probability bots.. |
Check if IP address is a known threat |
Check if the input IP address is a known threat IP address. Checks against known bad IPs, botnets, compromised servers, and other lists of threats. |
Check if IP address is a Tor node server |
Check if the input IP address is a Tor exit node server. Tor servers are a type of privacy-preserving technology that can hide the original IP address who makes a request. |
Check text input for SQL Injection (SQLI) attacks |
Detects SQL Injection (SQLI) attacks from text input. |
Detect Insecure Deserialization JSON (JID) attacks in a string |
Detects Insecure Deserialization JSON (JID) attacks from text input. |
Protect text input from Cross-Site-Scripting (XSS) attacks through normalization |
Detects and removes XSS (Cross-Site-Scripting) attacks from text input through normalization. Returns the normalized result, as well as information on whether the original input contained an XSS risk. |
Protect text input from XML External Entity (XXE) attacks |
Detects XXE (XML External Entity) attacks from XML text input. |
Automatically detect threats in an input string
Auto-detects a wide range of threat types in input string, including Cross-Site Scripting (XSS), SQL Injection (SQLI), XML External Entitites (XXE), Server-side Request Forgeries (SSRF), and JSON Insecure Deserialization (JID).
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User-facing text input.
|
value | True | string |
User-facing text input. |
Returns
Result of performing an Insecure Deserialization JSON protection operation
Check a URL for Server-side Request Forgery (SSRF) threats
Checks if an input URL is at risk of being an SSRF (Server-side request forgery) threat or attack.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
URL
|
URL | string |
URL to validate |
|
BlockedDomains
|
BlockedDomains | array of string |
Top level domains that you do not want to allow access to, e.g. mydomain.com - will block all subdomains as well |
Returns
Result of checking a URL for SSRF threats
Check if IP address is a Bot client threat
Check if the input IP address is a Bot, robot, or otherwise a non-user entity. Leverages real-time signals to check against known high-probability bots..
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
IP address to check, e.g. "55.55.55.55". The input is a string so be
|
value | True | string |
IP address to check, e.g. "55.55.55.55". The input is a string so be |
Returns
Result of performing a Bot check on an IP address
Check if IP address is a known threat
Check if the input IP address is a known threat IP address. Checks against known bad IPs, botnets, compromised servers, and other lists of threats.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
IP address to check, e.g. "55.55.55.55". The input is a string so be
|
value | True | string |
IP address to check, e.g. "55.55.55.55". The input is a string so be |
Returns
Result of performing a IP threat check on an IP address
Check if IP address is a Tor node server
Check if the input IP address is a Tor exit node server. Tor servers are a type of privacy-preserving technology that can hide the original IP address who makes a request.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
IP address to check, e.g. "55.55.55.55". The input is a string so be
|
value | True | string |
IP address to check, e.g. "55.55.55.55". The input is a string so be |
Returns
Result of performing a Tor node check on an IP address
Check text input for SQL Injection (SQLI) attacks
Detects SQL Injection (SQLI) attacks from text input.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User-facing text input.
|
value | True | string |
User-facing text input. |
Returns
Result of performing an SQL Injection protection operation
Detect Insecure Deserialization JSON (JID) attacks in a string
Detects Insecure Deserialization JSON (JID) attacks from text input.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User-facing text input.
|
value | True | string |
User-facing text input. |
Returns
Result of performing an Insecure Deserialization JSON protection operation
Protect text input from Cross-Site-Scripting (XSS) attacks through normalization
Detects and removes XSS (Cross-Site-Scripting) attacks from text input through normalization. Returns the normalized result, as well as information on whether the original input contained an XSS risk.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User-facing text input.
|
value | True | string |
User-facing text input. |
Returns
Result of performing an XSS protection operation
Protect text input from XML External Entity (XXE) attacks
Detects XXE (XML External Entity) attacks from XML text input.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User-facing text input.
|
value | True | string |
User-facing text input. |
Returns
Result of performing an XXE threat detection operation
Definitions
StringAutomaticThreatDetection
Result of performing an Insecure Deserialization JSON protection operation
Name | Path | Type | Description |
---|---|---|---|
Successful
|
Successful | boolean |
True if the operation was successful, false otherwise |
CleanResult
|
CleanResult | boolean | |
ContainedJsonInsecureDeserializationAttack
|
ContainedJsonInsecureDeserializationAttack | boolean |
True if the input contained Insecure Deserialization JSON, false otherwise |
ContainedXssThreat
|
ContainedXssThreat | boolean |
True if the input contained XSS attack, false otherwise |
ContainedXxeThreat
|
ContainedXxeThreat | boolean |
True if the input contained XXE attack, false otherwise |
ContainedSqlInjectionThreat
|
ContainedSqlInjectionThreat | boolean |
True if the input contained SQL Injection attack, false otherwise |
ContainedSsrfThreat
|
ContainedSsrfThreat | boolean |
True if the input contained an Server-Side Request Forgery (SSRF) URL attack, false otherwise |
IsXML
|
IsXML | boolean |
True if the input string is XML, false otherwise |
IsJSON
|
IsJSON | boolean |
True if the input string is JSON, false otherwise |
IsURL
|
IsURL | boolean |
True if the input string is a URL, false otherwise |
OriginalInput
|
OriginalInput | string |
Original input string |
StringInsecureDeserializationJsonDetection
Result of performing an Insecure Deserialization JSON protection operation
Name | Path | Type | Description |
---|---|---|---|
Successful
|
Successful | boolean |
True if the operation was successful, false otherwise |
ContainedJsonInsecureDeserializationAttack
|
ContainedJsonInsecureDeserializationAttack | boolean |
True if the input contained Insecure Deserialization JSON, false otherwise |
OriginalInput
|
OriginalInput | string |
Original input string |
StringSqlInjectionDetectionResult
Result of performing an SQL Injection protection operation
Name | Path | Type | Description |
---|---|---|---|
Successful
|
Successful | boolean |
True if the operation was successful, false otherwise |
ContainedSqlInjectionAttack
|
ContainedSqlInjectionAttack | boolean |
True if the input contained SQL Injection attacks, false otherwise |
OriginalInput
|
OriginalInput | string |
Original input string |
StringXssProtectionResult
Result of performing an XSS protection operation
Name | Path | Type | Description |
---|---|---|---|
Successful
|
Successful | boolean |
True if the operation was successful, false otherwise |
ContainedXss
|
ContainedXss | boolean |
True if the input contained XSS scripting, false otherwise |
OriginalInput
|
OriginalInput | string |
Original input string |
NormalizedResult
|
NormalizedResult | string |
Normalized string result, with XSS removed |
StringXxeDetectionResult
Result of performing an XXE threat detection operation
Name | Path | Type | Description |
---|---|---|---|
Successful
|
Successful | boolean |
True if the operation was successful, false otherwise |
ContainedXxe
|
ContainedXxe | boolean |
True if the input contained XXE threats, false otherwise |
UrlSsrfThreatDetectionResponseFull
Result of checking a URL for SSRF threats
Name | Path | Type | Description |
---|---|---|---|
CleanURL
|
CleanURL | boolean |
True if the URL is clean, false if it is at risk of containing an SSRF threat or attack |
ThreatLevel
|
ThreatLevel | string |
Threat level of the URL; possible values are High, Medium, Low and None |
IPThreatDetectionResponse
Result of performing a IP threat check on an IP address
Name | Path | Type | Description |
---|---|---|---|
IsThreat
|
IsThreat | boolean |
True if the input IP address is a threat, false otherwise |
ThreatType
|
ThreatType | string |
Specifies the type of IP threat; possible values include Blocklist, Botnet, WebBot |
ThreatDetectionBotCheckResponse
Result of performing a Bot check on an IP address
Name | Path | Type | Description |
---|---|---|---|
IsBot
|
IsBot | boolean |
True if the input IP address is a Bot or Robot, false otherwise |
ThreatDetectionTorNodeResponse
Result of performing a Tor node check on an IP address
Name | Path | Type | Description |
---|---|---|---|
IsTorNode
|
IsTorNode | boolean |
True if the input IP address is a Tor exit node, false otherwise |