Guide for Push technical integration partners

Push provides a REST API and webhooks to facilitate the ingestion of Push entities and events when creating third-party integrations that bolster the value of both solutions.

Push’s REST API provides access to the administrative functionality of the platform in the form of entities (accounts, apps, browsers, employees, etc.). Refer to the API documentation for information on authentication, rate limits, errors, etc.

Push’s webhooks provide real-time updates on Push-generated events (logins, triggered controls, detection events, etc.). Refer to the webhooks documentation for information on custom headers, filtering events, etc.

You can access a solution architecture diagram via the Push Trust Center.

The Push platform detects and blocks adversary attacks that target corporate workforces via the browser using an agent deployed as an extension to employee browsers. Push generates telemetry using data collected in the browser, which allows security teams to:

• Detect and block attacks on workforce accounts, including modern phishing toolkits that bypass MFA.

• Enforce protective controls like MFA and strong passwords, even on unmanaged apps.

• Investigate and respond with greater confidence and efficiency when addressing browser-based attacks.

Here are some sample use cases for integrating Push data into third-party application types:

• SIEM / SOAR solutions: Correlate Push telemetry generated during a detection event with other signals to enrich response actions, such as locking accounts or updating blocklists.

• IdP solutions: Use Push telemetry to monitor activity for high-privilege accounts and trigger password resets as needed.

• Cloud security monitoring solutions: Use signals from Push (presence of Push browser agent; presence of Push-provided user-agent session marker; account posture, etc.) to establish trust before granting access, or raise alerts on anomalies.