Introducing the ETM API: Enhanced Capabilities for Black Lantern Security's enter_the_matrix Tool
ETM API provides enhanced abilities for interacting directly on the data collected by ETM including the ability to produce actionable metrics for clients
Black Lantern Security (BLS) is happy to announce a new milestone has been achieved in the development of
enter_the_matrix (ETM). A full CRUD API has been introduced that gives users the ability to integrate ETM into their workflows and reporting capabilities.
The API is available with full Swagger documentation to help you test and create your integrations as easily as possible. Authorization is required on all API endpoints and is handled by supplying the
X-API-Key custom header and a key generated within ETM.
Each API key has granular permissions that are controlled within the administrative section of the application. Keys can be limited to specific resource types, specific CRUD operations, and specific assessments.
Through the new API, you can pull out data to produce interesting metrics about yourself as an organization as well as your client’s organizations. Create reports using tools like PowerBI to present a history of attack scenarios used against your client or show which vulnerabilities you’ve used as a consultant to cause business impact. The metrics you create through the general use of ETM also paint a picture of how you as a consultant operate. Understanding this information can help you improve areas you may not execute in often, or simply show how well you match up to the adversaries you are emulating.
To learn more about the ETM API and its capabilities, head over to https://github.com/blacklanternsecurity/enter_the_matrix, deploy ETM, and navigate to the
/swagger endpoint for full documentation. We hope you find these updates useful, and we look forward to continuing to improve ETM in the future. If you have any questions or ideas for future development work, please feel free to reach out over in our Discord server, by submitting an issue on GitHub, or directly over Twitter (@blacklanternllc, @codymartin)
Thanks for reading Black Lantern Security (BLSOPS)! Subscribe for free to receive new posts!