Advanced Threat Prevention
The Advanced Threat Prevention API endpoints require an active subscription to the Advanced Threat Prevention security service. These endpoints can only be accessed using the API key associated with the account that holds the subscription. Attempting to view an unauthorized report ID will not return any results. List of Advanced Threat Prevention API endpoints: 1. Link to Request Advanced Threat Prevention cloud analysis report 2. Link to Request Advanced Threat Prevention cloud analysis report PCAP
Authentication
- API Key: X-API-KEY
API key to query https://api.threatvault.paloaltonetworks.com/service/v1
| Security Scheme Type: | apiKey |
|---|---|
| Header parameter name: | X-API-KEY |
📄️ Request Advanced Threat Prevention Report in Batch Mode
A POST request to retrieve the ATP report by report id in batch mode. Batch limit is 100 entries. Get one or more ATP reports. User must provide **one or more** report IDs in request body.
📄️ Request Advanced Threat Prevention Report PCAP
A GET request to retrieve the ATP report sample (packet capture) by report id.