Tufin

name: Tufin
description: >-
  Tufin provides security policy orchestration solutions for managing network security policies across hybrid cloud
  environments, including firewalls, SDN, and cloud security controls. The Tufin Orchestration Suite (TOS) includes
  SecureTrack for network topology and policy analysis, SecureChange for automated policy change workflows, SecureApp
  for application-centric policy management, and SecureCloud for cloud-native security posture management. Tufin offers
  comprehensive REST APIs and GraphQL APIs for integrating with ITSM, SIEM, and other security tools.
image: https://www.tufin.com/themes/custom/tufin/logo.svg
url: https://www.tufin.com
created: '2025'
modified: '2026-05-19'
specificationVersion: '0.18'
tags:
- Cloud Security
- Compliance
- Firewall Management
- Network Security
- Network Topology
- Policy Orchestration
- Risk Management
- Security Policy Management
- Zero Trust
apis:
- name: Tufin SecureTrack API
  description: >-
    The SecureTrack REST API enables programmatic access to Tufin's network security policy management platform. It
    supports querying network devices and firewall rules, analyzing network topology and path queries, retrieving
    policy compliance data, performing risk and cleanup analysis, managing rule documentation and recertification, and
    searching for network objects, services, and interfaces across multi-vendor firewall infrastructure.
    Authentication uses HTTP Basic Auth with TOS credentials.
  image: https://www.tufin.com/themes/custom/tufin/logo.svg
  humanURL: https://www.tufin.com/products/securetrack
  baseURL: https://{tos_host}/securetrack/api
  tags:
  - Compliance
  - Firewall Rules
  - Network Devices
  - Network Topology
  - Policy Analysis
  - Risk Analysis
  properties:
  - type: Documentation
    url: https://forum.tufin.com/support/kc/latest/Content/Suite/RESTAPI/securetrack_api.htm
  - type: SwaggerUI
    url: https://forum.tufin.com/support/kc/rest-api/R24-1/securetrack/apidoc/
  - type: Authentication
    url: https://forum.tufin.com/support/kc/latest/Content/Suite/RESTAPI/4423.htm
  - type: Reference
    url: https://forum.tufin.com/support/kc/latest/Content/Suite/RESTAPI/4420.htm
  - type: GettingStarted
    url: https://forum.tufin.com/support/kc/latest/Content/Suite/RESTAPI/4423.htm
  - type: OpenAPI
    url: openapi/tufin-securetrack-openapi.yml
  features:
  - name: Device and Policy Management
    description: Retrieve, add, and update firewall devices and security policies across multi-vendor environments.
  - name: Network Topology Analysis
    description: Query network paths, retrieve topology maps, and analyze traffic flows across the managed network.
  - name: Risk and Compliance Analysis
    description: Identify policy violations, clean up unused rules, and generate compliance reports.
  - name: Rule Search and Documentation
    description: Search for rules, network objects, and services across all managed devices with full documentation support.
- name: Tufin SecureChange API
  description: >-
    The SecureChange REST API automates security policy change workflows, enabling programmatic submission and
    management of access request tickets, approval workflows, and change implementation across network infrastructure.
    Supports integration with ITSM platforms including ServiceNow, Jira, and Remedy for end-to-end change automation.
  image: https://www.tufin.com/themes/custom/tufin/logo.svg
  humanURL: https://www.tufin.com/products/securechange
  baseURL: https://{tos_host}/securechangeworkflow/api
  tags:
  - Approvals
  - Change Management
  - ITSM Integration
  - Policy Changes
  - Ticketing
  - Workflow Automation
  properties:
  - type: Documentation
    url: https://forum.tufin.com/support/kc/latest/Content/Suite/RESTAPI/12309.htm
  - type: SwaggerUI
    url: https://forum.tufin.com/support/kc/rest-api/R24-1/securechangeworkflow/apidoc/
  - type: Reference
    url: https://forum.tufin.com/support/kc/latest/Content/Suite/RESTAPI/12309.htm
  - type: Authentication
    url: https://forum.tufin.com/support/kc/latest/Content/Suite/RESTAPI/4423.htm
  - type: OpenAPI
    url: openapi/tufin-securechange-openapi.yml
  features:
  - name: Access Request Tickets
    description: Create, retrieve, and update security access request tickets programmatically.
  - name: Workflow Automation
    description: Automate the full lifecycle of security policy changes from request through approval to implementation.
  - name: ITSM Integration
    description: Integrate with ServiceNow, Jira, and other ITSM platforms for unified change management.
- name: Tufin SecureApp API
  description: >-
    API for application-centric security policy management and micro-segmentation. SecureApp enables teams to manage
    security policies at the application level, define connectivity requirements, and automate policy changes for
    application deployments.
  image: https://www.tufin.com/themes/custom/tufin/logo.svg
  humanURL: https://www.tufin.com/products/secureapp
  baseURL: https://{tos_host}/securechangeworkflow/api
  tags:
  - Application Security
  - Micro-Segmentation
  - Policy Management
  - Zero Trust
  properties:
  - type: Documentation
    url: https://forum.tufin.com/support/kc/secureapp/
  - type: Reference
    url: https://forum.tufin.com/support/kc/latest/Content/Suite/RESTAPI/6481.htm
- name: Tufin SecureTrack GraphQL API
  description: >-
    GraphQL API for the Tufin Orchestration Suite providing flexible querying capabilities for security policy data,
    network topology, and compliance information. Uses OAuth2 authentication and supports complex nested queries
    across SecureTrack resources including devices, policies, rules, and topology.
  image: https://www.tufin.com/themes/custom/tufin/logo.svg
  humanURL: https://forum.tufin.com/support/kc/latest/Content/ST2/API/API_Introduction.htm
  baseURL: https://{tos_ip}/v2/api/sync/graphql
  tags:
  - GraphQL
  - Network Topology
  - OAuth2
  - Policy Analysis
  - Security Data
  properties:
  - type: Documentation
    url: https://forum.tufin.com/support/kc/latest/Content/ST2/API/API_Introduction.htm
  - type: Authentication
    url: https://forum.tufin.com/support/kc/latest/Content/ST2/API/OAuth2.htm
  - url: graphql/tufin-graphql.md
    type: GraphQL
- name: Tufin SecureCloud API
  description: >-
    REST API for Tufin SecureCloud, the cloud-native security policy management platform. Provides endpoints for
    managing cloud accounts, applications, assets, Kubernetes clusters, and security policies across AWS, Azure, and
    GCP environments. Enables cloud security posture management (CSPM) and Kubernetes network policy enforcement
    through API integration.
  image: https://www.tufin.com/themes/custom/tufin/logo.svg
  humanURL: https://www.tufin.com/tufin-orchestration-suite/securecloud
  baseURL: https://{account}.securecloud.tufin.io/api/v1
  tags:
  - Cloud Security
  - CSPM
  - Kubernetes
  - Multi-Cloud
  - Policy Management
  properties:
  - type: Documentation
    url: https://forum.tufin.com/support/kc/securecloud/
  - type: Reference
    url: https://securecloud.tufin.io/api-documentation/index.html
common:
- type: LinkedIn
  url: https://www.linkedin.com/company/tufin-technologies
- type: Portal
  url: https://forum.tufin.com/
- type: Support
  url: https://www.tufin.com/support
- type: Documentation
  url: https://forum.tufin.com/support/kc
- type: Blog
  url: https://www.tufin.com/blog
- type: Login
  url: https://portal.tufin.io/
- type: Contact
  url: https://www.tufin.com/company/contact-us
- type: PrivacyPolicy
  url: https://www.tufin.com/privacy-policy
- type: TermsOfService
  url: https://www.tufin.com/terms-of-use
- type: Website
  url: https://www.tufin.com
- type: GettingStarted
  url: https://forum.tufin.com/support/kc/latest/Content/Suite/RESTAPI/4423.htm
- type: Community
  url: https://community.tufin.com/
- type: GitHubOrganization
  url: https://github.com/Tufin
- type: SDK
  url: https://gitlab.com/tufinps/pytos2-ce
- type: SDK
  url: https://github.com/Tufin/pytos
- type: PostmanCollection
  url: https://github.com/Tufin/postman
- type: SignUp
  url: https://www.tufin.com/demo
- type: Videos
  url: https://www.tufin.com/resources/type/videos
- type: Developers
  url: https://www.tufin.com/developers
- type: OpenAPI
  url: openapi/tufin-securetrack-openapi.yml
- type: OpenAPI
  url: openapi/tufin-securechange-openapi.yml
- type: Vocabulary
  url: vocabulary/tufin-vocabulary.yml
- type: JSONLD
  url: json-ld/tufin-context.jsonld
- type: JSONSchema
  url: json-schema/tufin-device-schema.json
- type: JSONSchema
  url: json-schema/tufin-ticket-schema.json
- type: Integrations
  url: https://www.tufin.com/partners
integrations:
- name: MSSP Program
- name: Become a Partner
maintainers:
- FN: Kin Lane
  email: kin@apievangelist.com