PowerShell and the SecureSphere API

By Jim Burtoft (Prm) posted 30 days ago

  


Imperva has a lot of documentation around the SecureSphere API along with examples of how to use it. 

https://docs.imperva.com/bundle/v12.6-api-reference-guide/page/61914.htm

We also have a lot of tools and utilities built around it with examples using cURL and python:

https://github.com/imperva/imperva-web-api-composer/blob/master/src/assets/CURL_API_Samples_SecureSphere.zip
and 
https://github.com/imperva/mx-toolbox

However, I was working with a customer that wanted to use PowerShell.  All we had to do was follow the cURL examples - authenticate, save the returned session id to a cookie, then make our API call.  While it seemed like a simple enough process, it wasn't working.  Whatever our problem was, the session id wasn't being parsed and saved and every subsequent API call said we weren't logged in.

It turns out that we were trying too hard.  Instead of parsing and saving everything, PowerShell allows us to just save the whole session and reuse it.  (see the PowerShell documentation at https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/invoke-webrequest?view=powershell-7.1 example 2 )

Below is an example of a working authentication and subsequent call.  Hopefully, you can use this (along with the other documentation/examples above) to help with your PowerShell integrations. 

You can use the code below as a test if you have DAM.  Just update the IP address and the Basic authentication string (username:password base64 encoded) and it should work for you.  (it just queries the vulnerability test list -- it doesn't change anything).  If you run it a second time in the same session, you will get an error that you are adding a header that already exists, but it should still work.

You should be able to use the same process to update SecureSphere WAF settings - it is the same API - you will just need a WAF-related call to test it.

Reach out to us here on the Imperva Community with any questions!

$headers.Add("Authorization", "Basic NOPETHISISHIDDEN=")
$LoginResponse = Invoke-WebRequest 'https://192.168.2.5:8083/SecureSphere/api/v1/auth/session' -SessionVariable 'Session' -Method 'POST' -Headers $headers
$Session
$ProfileResponse = Invoke-WebRequest 'https://192.168.2.5:8083/SecureSphere/api/v1/conf/assessment/tests/' -Method 'GET' -WebSession $Session
$ProfileResponse ‚Äč
#On-PremisesWAF(formerlySecuresphere)
0 comments
353 views

Permalink