Security Remediation: Jamf Protect + API Automation скачать в хорошем качестве

Security Remediation: Jamf Protect + API Automation

Transform security remediations from blunt-force actions into precision responses using contextual data. Rob Lee (Sales Engineer at Jamf) demonstrates how combining Jamf Protect's behavioral analytics with Jamf Pro automation and GraphQL API integration creates targeted, user-friendly security workflows. Learn to move beyond crude "delete everything" approaches to intelligent remediations that know exactly which file, launch agent, or credential to target—improving both security effectiveness and user experience. What you'll learn: ► Setting up Jamf Protect behavioral analytics with Jamf Pro smart groups ► Creating custom triggers for automated security remediation workflows ► Why crude remediations fail: file paths, naming conventions, user experience ► Introduction to APIs: what they are and why they matter for security automation ► GraphQL vs REST API: understanding the Jamf Protect API structure ► Querying the macOS Security Portal API for alert-specific context data ► Using jq JSON parser to extract file paths from API responses (built-in macOS 15+) ► Building dynamic remediation scripts with exact file path targeting ► Advanced use cases: credential harvesting response, launch agent remediation ► Maintaining smart group membership through remediation lifecycle 0:00 Introduction: The Security Remediation Challenge 2:41 Jamf Protect Behavioral Analytics Overview 3:33 Building the Basic Remediation Workflow 6:44 Extension Attributes for Jamf Protect Smart Groups 8:04 Creating Smart Groups for Security Event Detection 9:40 Remediation Policy with Custom Triggers 12:34 The Problem: Crude Remediations and User Impact 17:53 Why Better Context Matters for Security 19:22 What is an API? Understanding Application Programming Interfaces 21:05 GraphQL Explained: Schema, Types, Fields, and Endpoints 27:30 Reading API Data vs. GUI Data: Same Information, Different Format 38:03 Complete Script: Authentication, API Query, Targeted Deletion 40:29 Advanced Applications: Password Resets, Launch Agent Management #JamfProtect #SecurityAutomation #GraphQL #APIIntegration #EndpointSecurity #endpointprotection