Introducing the Cylance Go Developer Sample
The BlackBerry Cylance API allows developers to request the status of their Cylance workspace through dozens of endpoints, including Users, Devices, Zones, Detections, Threats, and InstaQueries. With this API, nearly the entire Cylance web console can be recreated on any platform and in any language.
This sample application is provided to show developers how to harness both the portability of a React-Native code base and the convenience of having their Cylance console on a mobile device. It includes a library for making Cylance RESTful calls, which the React-Native application leverages. The goal of this application is for developers to extend it, either by modifying it for their use cases or by taking it apart for learning purposes.
In this blog you will see a preview of the application and its accompanying Notification/SYSLOG server, which allows users to act on threats in real time.
Both the app and its accompanying server are available on the BlackBerry public GitHub page here.
Features of the React-Native application
The React-Native application implements the following functionality of the API/Web Console:
Features of the Notification/Syslog Server
Note: The Notification/Syslog Server is not required to run or use the React-Native application. You can simply not use it.
The accompanying Node.js server provides two major features:
- Notification management, which is configured with your Firebase Cloud Messaging (FCM) credentials
  What does it do?
  - Registers devices for notifications
  - De-registers devices from notifications
  - Sends push notifications via Firebase Cloud Messaging on Syslog detection
- Capturing your BlackBerry Optics Syslogs, as configured in your Cylance console settings (see figure 4)
  What does it do?
  - Stores the incoming Syslog detections in a local database
  - Serves a RESTful API for the React-Native app to access them
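The two server features described above can be modelled in a few lines of Node.js. This is an added example, not code from the BlackBerry sample: the class, its method names, the `sendPush` callback standing in for an FCM client, and the syslog lines it is fed are all assumptions, since the page does not show the Optics message layout.

```javascript
// Added illustration, not code from the BlackBerry sample.
// Assumption: each detection arrives as one syslog line starting with "<PRI>";
// the actual BlackBerry Optics message layout is not shown on this page.
class NotificationServer {
  constructor(sendPush) {
    this.sendPush = sendPush; // hypothetical stand-in for the FCM send call
    this.tokens = new Set();  // registered device tokens
    this.detections = [];     // stand-in for the local database
  }
  register(token) {
    if (typeof token !== "string" || token.length === 0) return false;
    this.tokens.add(token);
    return true;
  }
  deregister(token) {
    return this.tokens.delete(token);
  }
  // Split the syslog priority into facility and severity; reject anything else.
  static parse(line) {
    const m = /^<(\d{1,3})>(.+)$/s.exec(String(line));
    if (!m || Number(m[1]) > 191) return null;
    const pri = Number(m[1]);
    return { facility: pri >> 3, severity: pri & 7, message: m[2].trim() };
  }
  // Store the detection, then notify every registered device.
  ingest(line) {
    const parsed = NotificationServer.parse(line);
    if (!parsed) return { stored: false, notified: 0 };
    const record = { id: this.detections.length + 1, ...parsed };
    this.detections.push(record);
    let notified = 0;
    for (const token of this.tokens) {
      // The push carries only an id and severity; the app fetches the
      // detail from the server's API instead of the push channel.
      try {
        this.sendPush(token, { detectionId: record.id, severity: record.severity });
        notified += 1;
      } catch (err) {
        this.tokens.delete(token); // drop tokens the push service rejects
      }
    }
    return { stored: true, id: record.id, notified };
  }
  // What the REST endpoint would return to the app.
  listSince(id = 0) {
    return this.detections.filter((d) => d.id > id);
  }
}
```

Syslog over UDP is unauthenticated, so the receiver rejects lines without a valid priority header before anything is stored or pushed.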
How does it all work together?
We’ve put together a diagram showing how the many components in this developer sample work together. Follow the flow from steps one to ten.
In step one, BlackBerry® Optics has found a threat on a device. This threat was automatically sent to the BlackBerry® Protect console. Once it was flagged by the accompanying Syslog/Notification Server, a notification was sent to all registered devices.
In step ten, our end user has been notified of the threat and has chosen to lock down the device.
Beyond this Introduction
Using this application as a developer
The purpose of this application is to allow the developer community to build off it and create use cases that are valuable to them. The application will be available open source under the Apache 2.0 License. Take it apart. Rip out a module. Learn from it!
If you want to learn how to configure and run this application, there are instructions in the form of README.md found with the source code of the App/Server on BlackBerry’s GitHub.
While this is a high-level overview of the application, accompanying blogs will be released in due time that focus more on configuration, setup, and code. Keep an eye out for more blogs on this topic.
Thanks for reading!