Trend Micro TippingPoint
App Vendor: Trend Micro
App Category: Network Security
Connector Version: 1.1.0
API version: 1.0.0
Product Version: 5.0.0
Note
This app is currently released as a beta version.
About App
The Trend Micro TippingPoint app allows security teams to integrate with Trend Micro TippingPoint enterprise application for protection against known, unknown, and undisclosed threats through actions such as quarantining IP addresses and removing IP addresses from quarantine.
The Trend Micro TippingPoint app in the Orchestrate application can perform the below listed actions:
Action Name | Description |
|---|---|
Quarantine an IP Address | This action quarantines an IP address. |
Unquarantine IP Address | This action removes an IP address from quarantine. |
Add Reputation Entry | This action adds a reputation entry. |
Delete Reputation Entry | This action deletes a reputation entry. |
Get Collections | This action provides information about all the collections. |
Get Object From Collection | This action retrieves an object from a collection according to the ID. |
Get Database Schema Information | This action retrieves the database schema information. |
Generic Action | This is a generic action used to make requests to any Trend Micro TippingPoint endpoint. |
Configuration Parameters
The following configuration parameters are required for the Trend Micro TippingPoint app, to communicate with Trend Micro TippingPoint enterprise application. The parameters can be configured by creating instances in the Trend Micro TippingPoint app.
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Base URL | Enter the base URL, FQDN or the IP address of the SMS server. Example: "http[s]://<sms_server[:port]" | Text | Required | |
Username | Enter the Security Management System (SMS) username. | Text | Required | |
Password | Enter the Security Management System (SMS) password. | Password | Required | |
Timeout | Enter the timeout value in seconds. This is the number of seconds that requests will wait to establish a connection with Trend Micro TippingPoint. | Integer | Optional | Allowed range: 15-120 Default value: 15 |
SSL Verification | Enter the preference to either verify or skip the SSL verification. | Boolean | Optional | Allowed values:
Default value: No |
Action: Quarantine IP address
This action quarantines an IP address.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
IP Address | Enter the target host as the IP Address. Example: "10.0.10.1" | Text | Required | |
Policy Name | Enter the policy name. Example: "Quarantine-policy" | Text | Required |
|
Timeout | Enter the duration of the response. | Text | Optional | By default, the timeout value from the Policy is used. |
Action: Unquarantine IP Address
This action removes an IP address from quarantine.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
IP Address | Enter the target host as the IP Address. Example: "10.0.10.1" | Text | Required | |
Policy name | Enter the policy name. Example: "Quarantine-policy" | Text | Optional |
|
Timeout | Enter the duration of the response. | Text | Optional | By default, the timeout value from the Policy is used. |
Action: Add Reputation Entry
This action adds a reputation entry.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
IP Address | Enter an IP address to add a reputation entry.Example:"10.0.10.1" | Text | Optional | The parameter is optional if a DNS or a URL is provided. |
DNS | Enter a DNS name to add a reputation entry. | Text | Optional | The parameter is optional if an IP address or a URL is provided. |
URL | Enter a URL to add a reputation entry. | Text | Optional | The parameter is optional if an IP address or a DNS is provided. |
Tags | Enter the tags for IOCs as comma separated values. | Text | Optional |
Action: Delete Reputation Entry
This action deletes a reputation entry.
Action Input Parameters
Parameters | Description | Field Type | Required/Optional | Comments |
Criteria | Enter the criteria to delete a reputation entry. | Text | Required | |
IP Address | Enter the IP Address to delete a reputation entry. Example: "10.0.10.1" | Text | Optional | The parameter is optional if a DNS or a URL is provided. |
DNS | Enter a DNS name to add a reputation entry. | Text | Optional | The parameter is optional if an IP address or a URL is provided. |
URL | Enter a URL to delete a reputation entry. | Text | Optional | The parameter is optional if an IP address or a DNS is provided. |
Tags | Enter the tags for IOCs as comma separated values. | Text | Optional |
Action: Get Collections
This action provides information about all the collections.
Action Input Parameters
There are no input parameters required for this action.
Action: Get Object From Collection
This action retrieves an object from a collection according to the ID.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
Object ID | Enter the Object ID to retrieve an object from a collection. | Text | Required |
Action: Get Database Schema Information
This action retrieves the database schema information.
Action Input Parameters
Parameters | Description | Field Type | Required/Optional | Comments |
Database | Enter the database to retrieve the database schema information. Example: "Oracle" | Text | Optional | Default value: MySQL Allowed values:
|