CyberVault Go SDK v2.3.0

The official Go client for the CyberVault cybersecurity platform. Type-safe, performant, and designed for production-grade threat detection, incident response, and compliance automation.

Installation

Requires Go 1.21 or later. Install the SDK using go get:

Terminal 
go get github.com/cybergvault/go-sdk/v2@latest

Import the package in your Go files:

main.go 
import (
	"github.com/cybergvault/go-sdk/v2/cv"
	"github.com/cybergvault/go-sdk/v2/threats"
)

Quick Start

Initialize the client and run your first security scan:

main.go 
package main

import (
	"context"
	"fmt"
	"log"

	"github.com/cybergvault/go-sdk/v2/cv"
	"github.com/cybergvault/go-sdk/v2/threats"
)

func main() {
	ctx := context.Background()

	// Initialize with auto-detected API key (CYS_API_KEY env var)
	client := cv.NewClient(ctx, nil)

	// Run a lightweight threat scan
	result, err := client.Threats.Scan(ctx, &threats.ScanRequest{
		Targets: []string{"192.168.1.0/24", "api.example.com"},
		Profile: "standard",
	})
	if err != nil {
		log.Fatalf("scan failed: %v", err)
	}

	fmt.Printf("Threats detected: %d\n", result.Summary.DetectedCount)
}

Authentication

The SDK supports multiple authentication methods. Priority order:

  1. Explicit key passed during client initialization
  2. CYS_API_KEY environment variable
  3. ~/.cybergvault/credentials config file
ℹ️
API keys should never be committed to version control. Use environment variables or secret managers in production.
auth.go 
// Explicit API key
client := cv.NewClient(ctx, &cv.Config{
    APIKey: "cv_live_8f3a...",
    Region: cv.US_East,
})

// OAuth2 / Service Account (for enterprise)
tokenSource := oauth2.NewServiceAccountFromFile("./sa-key.json")
client := cv.NewClientWithToken(ctx, tokenSource)

Threat Detection

Scan networks, endpoints, and cloud resources using built-in profiles or custom rules.

threats.go 
req := &threats.ScanRequest{
    Targets: []string{"prod-cluster.k8s.local"},
    Profile: "advanced",
    Options: threats.ScanOptions{
        IncludeSubdomains: true,
        Timeout:           5 * time.Minute,
    },
}

scan, err := client.Threats.CreateScan(ctx, req)
// Poll for completion or use webhook callbacks
status, _ := client.Threats.GetScanStatus(ctx, scan.ID)

Incident Response

Automate containment, forensics, and reporting workflows:

response.go 
incident, err := client.Incidents.Create(ctx, &cv.Incident{
    Severity: cv.High,
    Title:    "Suspicious outbound traffic on port 443",
    Tags:     []string{"c2-activity", "network"},
})

// Trigger automated playbook
client.Incidents.ExecutePlaybook(ctx, incident.ID, "isolate-hosts")

API Reference

Method Description Return Type
Client.Threats.Scan(ctx, req) Initiate async threat detection scan *ScanResponse
Client.Incidents.Create(ctx, data) Register new security incident *Incident
Client.Compliance.Check(ctx, framework) Validate against SOC2/ISO/HIPAA *ComplianceReport
Client.Webhooks.Register(ctx, cfg) Subscribe to real-time events *WebhookEndpoint

Error Handling

All API methods return standard Go errors. Use type assertions for detailed diagnostics:

errors.go 
if err != nil {
    var apiErr *cv.APIError
    if errors.As(err, &apiErr) {
        log.Printf("API Error: %s (Code: %d, Retry: %t)",
            apiErr.Message, apiErr.StatusCode, apiErr.ShouldRetry())
    }
}

// SDK automatically retries on 429, 500, 502, 503
// Configure with cv.Config{RetryPolicy: cv.ExponentialBackoff{...}}

Changelog

v2.3.0
2025-09-15
  • Added Client.Compliance.Audit for real-time framework validation
  • Improved retry logic with exponential backoff & jitter
  • Fixed context cancellation race condition in webhook listeners
v2.2.0
2025-08-22
  • Introduced cv.Incidents.ExecutePlaybook() for automated response
  • Added support for service account OAuth2 authentication
  • Performance: 40% faster threat scan initialization
v2.1.0
2025-07-10
  • Go 1.21 minimum requirement
  • Replaced legacy cv.ThreatClient with unified client.Threats namespace
  • Added structured logging interface