Neon Cyber Developer API (1.0.3)

Download OpenAPI specification:

E-mail: support@neoncyber.com License: Neon Cyber Inc. Terms of Service

This is the Neon Cyber Developer API for registered users of the Neon Cyber Platform.

This API requires an API token. For help generating one reach out to our team at support@neoncyber.io.

Introduction

The Developer API was designed to allow developers to quickly access data from their Neon Cyber deployment including data about each user and browser (AKA Clients), browser events such as platform information and Neon detections like malware or threat intelligence that triggered on browsing behavior.

Clients vs Users

It is important to understand our terminology when working with the API. A Client is likely an employee in your organization that is associated to a Deployment group, has a policy set, and registers their browsers with the Neon Cyber platform. Clients always have a corporate email as a reference to their management. This is distinctly different than a User of the platform. A User in our context is a dashboard user, such as a member of your Security Operations team. A User can log into the frontend, manage deployments, policies, detections, etc. While a User is mostly likely also registered as a Client we make a distinction.

Users can:

Log into the dashboard at https://app.neoncyber.io
Create deployments
Create a developer key and use this API

Clients can:

Register their browser with the Neon Cyber Platform
Use the Neon Cyber Web Agent to generate events, detections, and receive Policies

Clients can't:

Log into the dashboard
Manage any configuration or settings
Call this API

Clients vs Registrations

Now that you have a better understand of what a Client is, let's cover Registrations. If a Client is an employee with an email address, a Registration is their one-or-many browsers protected by the platform. In most cases Clients will have one Registration which is equivalent to a single browser, perhaps on their work laptop. In other cases Clients may have additional browsers that can also register. A Registration is the association of these browsers connecting to the Neon Cyber platform, creating a record, and getting authentication and policy settings.

Clients have:

One record with an email address

Registrations can have:

Many records associated with the Client id
One record associated with the Client id

Deployments

We have covered Clients and Registrations, let's talk about Deployments. A Deployment is a group of Clients that you want to manage as a logical group. It's easy to think of these groups like you would in any IT directory. You may have a deployment group for Engineering, or HR. When your account is created it also creates an Organization wide Deployment group that is immutable and has a default policy. This allows you to then register and onboard clients without additional configuration. However, you may want to create more Deployment groups based on your needs, as mentioned above. A Deployment has Settings and a Policy associated with it that gives you fine grained control over how that group will be configured when Clients register.

Deployments have:

Settings that dictate what type of events you would like to collect
A Policy that dictates what type of detections and security settings to enforce

Clients have:

An assigned Deployment for associated settings
Only one Deployment, but Clients can be assigned to different Deployments as needed

Events, Detections, and Alerts

The Neon Cyber Platform has a multi-layered approach to investigating data throughout its lifecycle. We do this because we want our Users to have options when protecting their organization.

Events

At their post basic Events are raw telemetry collected straight from the Clients browser. This data is uninterpreted by Neon Cyber and gives you access to what we can can see. We consider this an unopinionated data set, where no processing has been applied. A good example of this is the Platform event. This event gives you the Client browsers platform data without the additional associations we make in the frontend.

Detections

Detections are processed Events that go through our first level of security analytics to enrich and detect security relevant context. A Detection is always worth investigating but may be considered low/medium/high severity by your Organization. A good example of a Detection is when a Client downloads a file while in Incognito mode. The severity is up to you, but we think its important and so our Detections are considered opinionated events. Detections can be configured and supressed or elevated to Alerts, which we will discuss next.

Detections also include a Detection Pattern-of-life accessible through the API. When investigating a detection you can use the detection ID to get a complete snapshot of the browsing activity that triggered the detection. By default the PoL includes 20 entries and will always include the first 5, showing how the tab was opened and initial browsing activity, as well as the last 5 up to and including the page that triggered the detection. We continuously trim the middle 10 based on storage and memory for long running tabs.

API Authorization

All requests to the API must include an additional "Authorization" header with you API key. This key can be generated from your Account page on the Neon Cyber dashboard. A detailed example of the requirement is included in each request using curl but is the same for any request method.

Future SDKs

As we continue to build we will create language specific SDKs to improve the Developer Experience. Our first SDK will be Python and we will update our users when it is available.

Apps

Apps are the SaaS apps in our catalog that are tied to user behaviors and includes a summary of the company, authentication, compliance, and more.

Get all apps in the catalog

Gets all app data from our SaaS catalog

Authorizations:

api_key

query Parameters

limit	integer <int32> Example: limit=100 max records to return
start	integer <int32> Example: start=1 Start records at position
end	integer <int32> Example: end=10 End records at position
sort	string Example: sort=asc Sort results by updated time ascending (asc) or default descending (desc)
name	string Example: name=Adobe Name of the company to search for

Responses

Request samples

Curl

curl -X GET https://api.neoncyber.io/v1/apps \
      -H 'Authorization: <token>'

Response samples

Content type

application/json

{"error": null,
"data": [{"id": "b1ed4e9c-f1ac-4ed3-a6cd-657d67abf338",
"name": "Adobe",
"description": "Adobe is a software company that provides its users with digital marketing and media solutions.",
"summary": "Adobe Creative Cloud offers a suite of applications and services for creative professionals, including tools for graphic design, video editing, web development, and photography.",
"products": "Adobe Creative Cloud, Adobe Photoshop, Adobe Express",
"categories": "Artificial Intelligence (AI),Consulting,Enterprise Software,Graphic Design,Image Recognition,Photo Editing",
"business_model": "SaaS",
"saas": true,
"locations": "San Jose,California,United States",
"headquarters": "San Jose, California",
"employees": "10001+",
"short_name": "adobe-systems",
"website_url": "https://www.adobe.com",
"signin_url": "https://accounts.adobe.com/",
"privacy_url": "https://www.adobe.com/privacy/policy.html",
"trust_url": "https://www.adobe.com/trust.html",
"signup_url": "https://adobe.com/account/sign-up.html",
"signup": true,
"sso": true,
"mfa": true,
"google_auth": true,
"github_auth": true,
"google_auth_url": "https://app.example.com/google/auth",
"github_auth_url": "https://app.example.com/github/auth",
"privacy_summary": "Adobe takes data privacy seriously, emphasizing transparency and user control over personal data. Users can request to stop processing their information and are informed about their rights. Adobe collects personal information for service provision and uses cookies for tracking. They disclose data to third parties for processing, legal compliance, and marketing, while ensuring appropriate protections during international transfers.",
"collection_summary": "Adobe collects a variety of personal information, including identifiers (name, email, address), commercial information (payment details), demographic data (age, occupation), and electronic activity (IP address, browser info). They also gather inferred information from third-party sources and user interactions with their services.",
"sharing_summary": "Adobe shares personal information with third parties, including affiliates, advertising partners, and service providers, for various purposes such as marketing, fraud prevention, and service provision. They may also disclose data for legal reasons and to comply with government requests. Users are informed about these practices and can opt out of certain data sharing.",
"shares_data": true,
"sells_data": false,
"open_source": false,
"soc2_compliance": true,
"hippa_compliance": false,
"pci_compliance": false,
"gdpr_compliance": true,
"iso27001_cert": false,
"iso27017_cert": false,
"iso27018_cert": false,
"inserted_at": "2024-10-04T20:33:45.39199+00:00",
"updated_at": "2024-10-04T20:33:45.39199+00:00"
}
]
}

Get app by id

Gets an app using the id, useful when fetching from other requests.

Authorizations:

api_key

path Parameters

appId

required

string <uuid>

Id of the app record

Responses

Request samples

Curl

curl -X GET https://api.neoncyber.io/v1/apps/<appId> \
      -H 'Authorization: <token>'

Response samples

Content type

application/json

{"error": null,
"data": {"id": "b1ed4e9c-f1ac-4ed3-a6cd-657d67abf338",
"name": "Adobe",
"description": "Adobe is a software company that provides its users with digital marketing and media solutions.",
"summary": "Adobe Creative Cloud offers a suite of applications and services for creative professionals, including tools for graphic design, video editing, web development, and photography.",
"products": "Adobe Creative Cloud, Adobe Photoshop, Adobe Express",
"categories": "Artificial Intelligence (AI),Consulting,Enterprise Software,Graphic Design,Image Recognition,Photo Editing",
"business_model": "SaaS",
"saas": true,
"locations": "San Jose,California,United States",
"headquarters": "San Jose, California",
"employees": "10001+",
"short_name": "adobe-systems",
"website_url": "https://www.adobe.com",
"signin_url": "https://accounts.adobe.com/",
"privacy_url": "https://www.adobe.com/privacy/policy.html",
"trust_url": "https://www.adobe.com/trust.html",
"signup_url": "https://adobe.com/account/sign-up.html",
"signup": true,
"sso": true,
"mfa": true,
"google_auth": true,
"github_auth": true,
"google_auth_url": "https://app.example.com/google/auth",
"github_auth_url": "https://app.example.com/github/auth",
"privacy_summary": "Adobe takes data privacy seriously, emphasizing transparency and user control over personal data. Users can request to stop processing their information and are informed about their rights. Adobe collects personal information for service provision and uses cookies for tracking. They disclose data to third parties for processing, legal compliance, and marketing, while ensuring appropriate protections during international transfers.",
"collection_summary": "Adobe collects a variety of personal information, including identifiers (name, email, address), commercial information (payment details), demographic data (age, occupation), and electronic activity (IP address, browser info). They also gather inferred information from third-party sources and user interactions with their services.",
"sharing_summary": "Adobe shares personal information with third parties, including affiliates, advertising partners, and service providers, for various purposes such as marketing, fraud prevention, and service provision. They may also disclose data for legal reasons and to comply with government requests. Users are informed about these practices and can opt out of certain data sharing.",
"shares_data": true,
"sells_data": false,
"open_source": false,
"soc2_compliance": true,
"hippa_compliance": false,
"pci_compliance": false,
"gdpr_compliance": true,
"iso27001_cert": false,
"iso27017_cert": false,
"iso27018_cert": false,
"inserted_at": "2024-10-04T20:33:45.39199+00:00",
"updated_at": "2024-10-04T20:33:45.39199+00:00"
}
}

Clients

Clients (AKA Employees w/Email) associated with a Deployment group.

Get all clients

Gets all client records

Authorizations:

api_key

query Parameters

limit	integer <int32> Example: limit=100 max records to return
start	integer <int32> Example: start=1 Start records at position
end	integer <int32> Example: end=10 End records at position
sort	string Example: sort=asc Sort results by updated time ascending (asc) or default descending (desc)
status	Array of any Items Enum: "pending" "registered" "deregistered" "unassigned" Specify array of specific client status values to include

Responses

Request samples

Curl

curl -X GET https://api.neoncyber.io/v1/clients \
      -H 'Authorization: <token>'

Response samples

Content type

application/json

{"error": null,
"data": [{"id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"deployment_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"inserted_at": "2024-10-04T20:33:45.39199+00:00",
"updated_at": "2024-10-04T20:33:45.39199+00:00",
"registered_at": "2024-10-04T20:33:45.39199+00:00",
"registered_updated_at": "2024-10-04T20:33:45.39199+00:00",
"deregistered_at": "2024-10-04T20:33:45.39199+00:00",
"email": "user@example.com",
"status": "pending"
}
]
}

Get client by id

Gets a client using the id, useful when fetching from other requests.

Authorizations:

api_key

path Parameters

clientId

required

string <uuid>

Id of the client record

Responses

Request samples

Curl

curl -X GET https://api.neoncyber.io/v1/clients/<clientId> \
      -H 'Authorization: <token>'

Response samples

Content type

application/json

{"error": null,
"data": {"id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"deployment_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"inserted_at": "2024-10-04T20:33:45.39199+00:00",
"updated_at": "2024-10-04T20:33:45.39199+00:00",
"registered_at": "2024-10-04T20:33:45.39199+00:00",
"registered_updated_at": "2024-10-04T20:33:45.39199+00:00",
"deregistered_at": "2024-10-04T20:33:45.39199+00:00",
"email": "user@example.com",
"status": "pending"
}
}

Deployments

Logical groups for managing Client onboarding, policies, and browsers.

Get all deployments

Gets all deployment records

Authorizations:

api_key

query Parameters

limit	integer <int32> Example: limit=100 max records to return
start	integer <int32> Example: start=1 Start records at position
end	integer <int32> Example: end=10 End records at position
sort	string Example: sort=asc Sort results by updated time ascending (asc) or default descending (desc)
status	Array of any Items Enum: "pending" "enabled" "disabled" Specify array of specific deployment status values to include

Responses

Request samples

Curl

curl -X GET https://api.neoncyber.io/v1/deployments \
      -H 'Authorization: <token>'

Response samples

Content type

application/json

{"error": null,
"data": [{"id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"user_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"inserted_at": "2024-10-04T20:33:45.39199+00:00",
"updated_at": "2024-10-04T20:33:45.39199+00:00",
"registered_at": "2024-10-04T20:33:45.39199+00:00",
"registered_updated_at": "2024-10-04T20:33:45.39199+00:00",
"deregistered_at": "2024-10-04T20:33:45.39199+00:00",
"email": "user@example.com",
"status": "pending"
}
]
}

Get deployment by id

Gets a deployment using the id, useful when fetching from other requests.

Authorizations:

api_key

path Parameters

deploymentId

required

string <uuid>

Id of the deployment record

Responses

Request samples

Curl

curl -X GET https://api.neoncyber.io/v1/deployments/<deploymentId> \
      -H 'Authorization: <token>'

Response samples

Content type

application/json

{"error": null,
"data": {"id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"user_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"inserted_at": "2024-10-04T20:33:45.39199+00:00",
"updated_at": "2024-10-04T20:33:45.39199+00:00",
"registered_at": "2024-10-04T20:33:45.39199+00:00",
"registered_updated_at": "2024-10-04T20:33:45.39199+00:00",
"deregistered_at": "2024-10-04T20:33:45.39199+00:00",
"email": "user@example.com",
"status": "pending"
}
}

Detections

Security events that require attention. These detections are opinionated events that are either known security events or require investiation.

Note: For performance reasons the source data view is columnar and may include 'null' fields when a detection type filter is not applied. This does not mean that expected data for each detection type is missing.

Get all detections

Gets all detection records

Authorizations:

api_key

query Parameters

limit	integer <int32> Example: limit=100 max records to return
start	integer <int32> Example: start=1 Start records at position
end	integer <int32> Example: end=10 End records at position
sort	string Example: sort=asc Sort results by updated time ascending (asc) or default descending (desc)
type	Array of any Items Enum: "intel" "download" "malware" "form" "phishing" Specify array of specific detection types to include

Responses

Request samples

Curl

curl -X GET https://api.neoncyber.io/v1/detections \
      -H 'Authorization: <token>'

Response samples

Content type

application/json

{"error": null,
"data": [{"id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"deployment_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"client_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"registration_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"detection_type": "download",
"detection_timestamp": "2024-10-04T20:33:45.39199+00:00",
"inserted_at": "2024-10-04T20:33:45.39199+00:00",
"updated_at": "2024-10-04T20:33:45.39199+00:00",
"source": "Compromised Credential",
"description": "Threat intelligence detected a url know to distribute malware",
"url": "https://badurl.com",
"filename": "c:\\Users\\user\\Downloads\\suspicious.exe",
"mime": "application/x-executable",
"incognito": true,
"referrer": "https://sendingyoutobad.com",
"danger": "suspicious",
"total_bytes": 423154,
"action": "https://login.example.com/submit",
"email": "user@example.com",
"password": true,
"compromised": true,
"tab_id": 2004943471,
"pii": false
}
]
}

Get detection by id

Gets a detection using the id, useful when fetching from other requests.

Authorizations:

api_key

path Parameters

detectionId

required

string <uuid>

Id of the detection record

Responses

Request samples

Curl

curl -X GET https://api.neoncyber.io/v1/detections/<detectionId> \
      -H 'Authorization: <token>'

Response samples

Content type

application/json

{"error": null,
"data": {"id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"deployment_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"client_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"registration_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"detection_type": "download",
"detection_timestamp": "2024-10-04T20:33:45.39199+00:00",
"inserted_at": "2024-10-04T20:33:45.39199+00:00",
"updated_at": "2024-10-04T20:33:45.39199+00:00",
"source": "Compromised Credential",
"description": "Threat intelligence detected a url know to distribute malware",
"url": "https://badurl.com",
"filename": "c:\\Users\\user\\Downloads\\suspicious.exe",
"mime": "application/x-executable",
"incognito": true,
"referrer": "https://sendingyoutobad.com",
"danger": "suspicious",
"total_bytes": 423154,
"action": "https://login.example.com/submit",
"email": "user@example.com",
"password": true,
"compromised": true,
"tab_id": 2004943471,
"pii": false
}
}

DetectionsPol

The Neon agent keeps track of browsing events locally in the browser that are sent when a Detection occurs. This Pattern-of-life gives users the ability to see what lead to the detection, including why the tab was opened, what websites the user navigated to, and the remote resources of the offending page.

Get all detections pattern-of-life

Gets all detection pattern-of-life events that happened when the detection occured

Authorizations:

api_key

query Parameters

limit	integer <int32> Example: limit=100 max records to return
start	integer <int32> Example: start=1 Start records at position
end	integer <int32> Example: end=10 End records at position
sort	string Example: sort=asc Sort results by updated time ascending (asc) or default descending (desc)

Responses

Request samples

Curl

curl -X GET https://api.neoncyber.io/v1/detections_pol \
      -H 'Authorization: <token>'

Response samples

Content type

application/json

{"error": null,
"data": [{"id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"detection_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"tab_id": 2004943475,
"tab_parent": 2004943327,
"tab_url": "https://www.google.com/",
"tab_timestamp": "2024-10-17 20:49:48.776+00",
"page_id": 7510,
"page_idx": 14,
"page_url": "https://github.com/login",
"page_entry": "2024-10-17 20:52:03.547+00",
"page_exit": "2024-10-17 20:62:03.547+00",
"page_title": "Sign in to GitHub · GitHub",
"frame_id": 1828,
"frame_idx": 2,
"frame_url": "https://www.google.com/recaptcha/api2/aframe",
"frame_timestamp": "2024-10-17 21:62:03.547+00",
"inserted_at": "2024-10-04T20:33:45.39199+00:00",
"updated_at": "2024-10-04T20:33:45.39199+00:00"
}
]
}

Get detection pattern-of-life by detection id

Gets a detection pol using the id of the source detection, useful when fetching from detections.

Authorizations:

api_key

path Parameters

detectionId

required

string <uuid>

Id of the detection record

Responses

Request samples

Curl

curl -X GET https://api.neoncyber.io/v1/detectionspol/<detectionId> \
      -H 'Authorization: <token>'

Response samples

Content type

application/json

{"error": null,
"data": [{"id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"detection_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"tab_id": 2004943475,
"tab_parent": 2004943327,
"tab_url": "https://www.google.com/",
"tab_timestamp": "2024-10-17 20:49:48.776+00",
"page_id": 7510,
"page_idx": 14,
"page_url": "https://github.com/login",
"page_entry": "2024-10-17 20:52:03.547+00",
"page_exit": "2024-10-17 20:62:03.547+00",
"page_title": "Sign in to GitHub · GitHub",
"frame_id": 1828,
"frame_idx": 2,
"frame_url": "https://www.google.com/recaptcha/api2/aframe",
"frame_timestamp": "2024-10-17 21:62:03.547+00",
"inserted_at": "2024-10-04T20:33:45.39199+00:00",
"updated_at": "2024-10-04T20:33:45.39199+00:00"
}
]
}

Events

Browser telemetry events and actions. These events are collected from the Neon Agent as un-opinionated data as it happens in the browser.

Note: For performance reasons the source data view is columnar and may include 'null' fields when an event type filter is not applied. This does not mean that expected data for each event type is missing.

Get all events

Gets all event records

Authorizations:

api_key

query Parameters

limit	integer <int32> Example: limit=100 max records to return
start	integer <int32> Example: start=1 Start records at position
end	integer <int32> Example: end=10 End records at position
sort	string Example: sort=asc Sort results by updated time ascending (asc) or default descending (desc)
type	Array of any Items Enum: "download" "geo" "platform" "navigation" "app" "auth" "upload" "extension" Specify array of specific event types to include

Responses

Request samples

Curl

curl -X GET https://api.neoncyber.io/v1/events \
      -H 'Authorization: <token>'

Response samples

Content type

application/json

{"error": null,
"data": [{"id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"deployment_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"client_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"registration_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"event_type": "download",
"event_timestamp": "2024-10-04T20:33:45.39199+00:00",
"inserted_at": "2024-10-04T20:33:45.39199+00:00",
"updated_at": "2024-10-04T20:33:45.39199+00:00",
"agent": "2.1.4",
"arch": "x86-64",
"display": "Chrome",
"name": "chrome",
"os": "win",
"ua": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/129.0.0.0",
"version": "129.0.0.0",
"latitude": 46.4805,
"longitude": -121.4363,
"ip": "20.30.40.50",
"ip_latitude": 46.4805,
"ip_longitude": -121.4363,
"asn": 7922,
"asn_isp": "COMCAST-7922",
"city": "Portland",
"country": "US",
"postal_code": 97202,
"region_code": "OR",
"region_name": "Oregon",
"tab_id": 2000398,
"url": "https://example.com",
"frame_id": 1293,
"download_id": 102937,
"filename": "c:\\Users\\user\\Downloads\\anything.json",
"mime": "application/json",
"incognito": true,
"referrer": "https://sendingyoutodownload.com",
"danger": "safe",
"total_bytes": 423154
}
]
}

Get event by id

Gets an event using the id, useful when fetching from other requests.

Authorizations:

api_key

path Parameters

eventId

required

string <uuid>

Id of the event record

Responses

Request samples

Curl

curl -X GET https://api.neoncyber.io/v1/events/<eventId> \
      -H 'Authorization: <token>'

Response samples

Content type

application/json

{"error": null,
"data": {"id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"deployment_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"client_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"registration_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"event_type": "download",
"event_timestamp": "2024-10-04T20:33:45.39199+00:00",
"inserted_at": "2024-10-04T20:33:45.39199+00:00",
"updated_at": "2024-10-04T20:33:45.39199+00:00",
"agent": "2.1.4",
"arch": "x86-64",
"display": "Chrome",
"name": "chrome",
"os": "win",
"ua": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/129.0.0.0",
"version": "129.0.0.0",
"latitude": 46.4805,
"longitude": -121.4363,
"ip": "20.30.40.50",
"ip_latitude": 46.4805,
"ip_longitude": -121.4363,
"asn": 7922,
"asn_isp": "COMCAST-7922",
"city": "Portland",
"country": "US",
"postal_code": 97202,
"region_code": "OR",
"region_name": "Oregon",
"tab_id": 2000398,
"url": "https://example.com",
"frame_id": 1293,
"download_id": 102937,
"filename": "c:\\Users\\user\\Downloads\\anything.json",
"mime": "application/json",
"incognito": true,
"referrer": "https://sendingyoutodownload.com",
"danger": "safe",
"total_bytes": 423154
}
}

Policies

Policies allow you to manage which events or detections are collected and emitted.

Get all policies

Gets all policy records

Authorizations:

api_key

query Parameters

limit	integer <int32> Example: limit=100 max records to return
start	integer <int32> Example: start=1 Start records at position
end	integer <int32> Example: end=10 End records at position
sort	string Example: sort=asc Sort results by updated time ascending (asc) or default descending (desc)

Responses

Request samples

Curl

curl -X GET https://api.neoncyber.io/v1/policies \
      -H 'Authorization: <token>'

Response samples

Content type

application/json

{"error": null,
"data": [{"id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"deployment_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"user_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"inserted_at": "2024-10-04T20:33:45.39199+00:00",
"updated_at": "2024-10-04T20:33:45.39199+00:00",
"description": "Developer restrictions on github usage",
"detections": { },
"events": { }
}
]
}

Get policy by id

Gets a policy using the id, useful when fetching from other requests.

Authorizations:

api_key

path Parameters

policyId

required

string <uuid>

Id of the policy record

Responses

Request samples

Curl

curl -X GET https://api.neoncyber.io/v1/policies/<policyId> \
      -H 'Authorization: <token>'

Response samples

Content type

application/json

{"error": null,
"data": {"id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"deployment_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"user_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"inserted_at": "2024-10-04T20:33:45.39199+00:00",
"updated_at": "2024-10-04T20:33:45.39199+00:00",
"description": "Developer restrictions on github usage",
"detections": { },
"events": { }
}
}

Get registration by id

Gets a registration using the id, useful when fetching from other requests.

Authorizations:

api_key

path Parameters

registrationId

required

string <uuid>

Id of the registration record

Responses

Request samples

Curl

curl -X GET https://api.neoncyber.io/v1/policies/<policyId> \
      -H 'Authorization: <token>'

Response samples

Content type

application/json

{"error": null,
"data": {"id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"client_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"inserted_at": "2024-10-04T20:33:45.39199+00:00",
"updated_at": "2024-10-04T20:33:45.39199+00:00",
"email": "user@example.com",
"enabled": true
}
}

Registrations

Browsers that have registered with the Neon Platform and associated to Clients. Clients can have one-to-many registrations associated with their Client (w/Email)

Get all registrations

Gets all registration records

Authorizations:

api_key

query Parameters

limit	integer <int32> Example: limit=100 max records to return
start	integer <int32> Example: start=1 Start records at position
end	integer <int32> Example: end=10 End records at position
sort	string Example: sort=asc Sort results by updated time ascending (asc) or default descending (desc)
enabled	boolean Filter on enabled status

Responses

Request samples

Curl

curl -X GET https://api.neoncyber.io/v1/registration \
      -H 'Authorization: <token>'

Response samples

Content type

application/json

{"error": null,
"data": [{"id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"client_id": "572ba294-4ccc-457c-b4ee-e3845467c254",
"inserted_at": "2024-10-04T20:33:45.39199+00:00",
"updated_at": "2024-10-04T20:33:45.39199+00:00",
"email": "user@example.com",
"enabled": true
}
]
}