Implementing Automation for Cisco Security Solutions (SAUI)

In this Implementing Automation for Cisco Security Solutions course provides a comprehensive, hands-on introduction to automating security operations across the Cisco security portfolio using APIs and automation tools. It focuses on how security teams can programmatically access telemetry, enforce policy, generate reports, and integrate Cisco security platforms into broader security orchestration and response workflows. The curriculum emphasizes practical API consumption, automation design, and operational use cases aligned with modern security operations and DevSecOps practices.

Students explore Cisco security APIs across multiple platforms, including Cisco Advanced Malware Protection, Cisco Identity Services Engine with pxGrid, Cisco Threat Grid, Cisco Umbrella, Cisco Firepower, and Cisco Stealthwatch. The course demonstrates how these APIs expose actionable security intelligence, enable dynamic policy enforcement, and support automated investigation and remediation. Emphasis is placed on understanding how identity, endpoint posture, DNS-layer security, network telemetry, and firewall enforcement can be correlated programmatically for faster and more consistent security outcomes.

Hands-on labs reinforce each module by guiding students through real-world automation tasks using REST APIs, Python, and Ansible. Learners query endpoint compliance, automate firewall policies, generate security reports, integrate identity and threat intelligence, and operationalize network detection and response through API-driven workflows. By the end of the course, students are prepared to automate Cisco security platforms at scale, integrate them with SIEM and SOAR systems, and support advanced security automation initiatives aligned with the SAUTO certification.

How You'll Benefit

This course will help you:

• Gain the knowledge and skills to use automation and programmability to design more efficient networks, increase scalability, and protect against cyberattacks
• Learn how to create APIs to streamline cloud-based, network security solutions for your organization
• Earn 24 CE credits toward recertification
• Prepares you for the 300-735 SAUTO exam

Upon completing this course, the student will be able to:

• Describe the overall architecture of the Cisco security solutions and how APIs help enable security
• Know how to use Cisco Firepower APIs
• Explain how pxGrid APIs function and their benefits
• Demonstrate what capabilities the Cisco Stealthwatch APIs offer and construct API requests to them for configuration changes and auditing purposes
• Describe the features and benefits of using Cisco Stealthwatch Cloud APIs
• Learn how to use the Cisco Umbrella Investigate API
• Explain the functionality provided by Cisco AMP and its APIs
• Describe how to use Cisco Threat Grid APIs to analyze, search, and dispose of threats

What to Expect in the Exam

The 300-735 SAUTO exam certifies your knowledge and skills for implementing Security automated solutions including programming concepts, RESTful APIs, data models, protocols, firewalls, web, DNS, cloud, email security, and ISE.

After you pass 300-735 SAUTO exam, you earn the Cisco Certified DevNet Specialist - Security Automation and Programmability certification, and you satisfy the concentration exam requirement for these professional-level certifications:

• CCNP® Security
• Cisco Certified DevNet Professional

The primary audience for this course is as follows:

• Network Engineer
• Network Administrator
• Network Manager
• Systems Engineer
• Wireless Engineer
• Wireless Design Engineer
• Consulting Systems Engineer
• Sales Engineer
• Technical Solutions Architect
• Account Manager

Before enrolling in this course, you should have professional level knowledge in the following areas:

• Basic programming language concepts
• Basic understanding of virtualization
• Ability to use Linux and Command Line Interface (CLI) tools, such as Secure Shell (SSH) and bash
• CCNP level core networking knowledge
• CCNP level security networking knowledge

The following Cisco courses can help you gain the knowledge you need to prepare for this course:

• Introducing Automation for Cisco Solutions (CSAU)
• Implementing and Administering Cisco Solutions (CCNA®)
• Programming Use Cases for Cisco Digital Network Architecture (DNAPUC)
• Introducing Cisco Network Programmability (NPICNP)
• Implementing and Operating Cisco Security Technologies (SCOR)

Module 1: Introducing Cisco Security APIs

Module 2: Consuming Cisco Advanced Malware Protection APIs

Module 3: Using Cisco ISE

Module 4: Using Cisco pxGrid APIs

Module 5: Using Cisco Threat Grid APIs

Module 6: Investigating Cisco Umbrella Security Data Programmatically

Module 7: Exploring Cisco Umbrella Reporting and Enforcement APIs

Module 8: Automating Security with Cisco Firepower APIs

Module 9: Operationalizing Cisco Stealthwatch and the API Capabilities

Module 10: Using Cisco Stealthwatch Cloud APIs

Module 11: Describing Cisco Security Management Appliance APIs

LAB OUTLINE

• Query Cisco AMP Endpoint APIs for Verifying Compliance
• Use the REST API and Cisco pxGrid with Cisco Identity Services Engine
• Construct a Python Script Using the Cisco Threat Grid API
• Generate Reports Using the Cisco Umbrella Reporting API
• Explore the Cisco Firepower Management Center API
• Use Ansible to Automate Cisco Firepower Threat Defense Configuration
• Automate Firewall Policies Using the Cisco Firepower Device Manager API
• Automate Alarm Policies and Create Reports Using the Cisco Stealthwatch APIs
• Construct a Report Using Cisco Stealthwatch Cloud APIs