Trend Micro Deep Security
App Vendor: Trend Micro
App Category: Network Security
App Version in Orchestrate: 1.0.0
API version: 1.0.0
About App
The Trend Micro Deep Security app allows security teams to integrate with the Trend Micro Deep Security enterprise application. The app provides advanced server security for physical, virtual, and cloud servers. It protects enterprise applications and data from breaches and business disruptions without requiring emergency patching.
The Trend Micro Deep Security app in the Orchestrate application can perform the below listed actions:
Action Name | Description |
|---|---|
Get a list of all intrusion prevention rules | This action can be used to retrieve all the intrusion prevention rules |
Get a list of Tenants | This action can be used to retrieve all the Tenants. |
Get a list of all Policies | This action can be used to retrieve all the Policies. |
Get a list of all MAC lists | This action can be used to retrieve all the MAC lists. |
Get a list of all IP lists | This action can be used to retrieve all the IP lists. |
Search a Computer | This action can be used to search a Computer on Trend Micro Deep Security. |
Create a Policy | The action can be used to create a Policy. |
Update a Policy | The action can be used to update a Policy. |
Get all Policies | The action is used to retrieve all the Policies. |
Get Policy details | The action can be used to retrieve the policy details. |
Get a list of all integrity monitoring rules | This action can be used to retrieve all integrity monitoring rules. |
Get a list of all Firewall rules | This action can be used to retrieve all the Firewall rules. |
Get a list of all Firewall rule IDs assigned to a Computer | This action can be used to retrieve all the Firewall rule IDs assigned to a Computer. |
Get a list of all the available directories | This action can be used to retrieve all the directories. |
Get a list of contexts | This action can be used to retrieve all the contexts. |
Get a list of computer integrity monitoring rules | This action can be used to retrieve all the computer integrity monitoring rules. |
Get a list of all Computer Groups | This action can be used to retrieve all the Computer Groups. |
Get a list of all Firewall rules associated with a Computer | This action can be used to retrieve all the Firewall rules associated with a Computer. |
Get a list of all Computers | This action can be used to retrieve all the Computers. |
Get a list of Anti-Malware configurations | This action can be used to retrieve all the Anti-Malware configurations. |
Get a list of all administrators | This action can be used to retrieve all the administrators. |
Describe a particular tenant | This action can be used to describe a particular tenant. |
Describe a MAC list | This action can be used to describe a MAC list. |
Describe an IP list by ID | This action can be used to describe an IP list by ID. |
Describe an intrusion prevention rule by ID | This action can be used to describe an intrusion prevention rule by ID. |
Describe a context by ID | This action can be used to describe a context by ID. |
Describe a Computer Group | This action can be used to describe a Computer Group. |
Describe a Computer Firewall rule | This action can be used to describe a Computer Firewall rule. |
Describe a Computer of Trend Micro DS | This action can be used to describe a Computer of Trend Micro DS. |
Prerequisites
All the actions configured in the Trend Micro Deep Security app relate to private APIs. Trend Micro Deep Security Enterprise subscription is required to access the private APIs.
Configuration parameters
The following configuration parameters are required for the Trend Micro Deep Security app to communicate with Trend Micro Deep Security Enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Base URL | Enter the Base URL. For example, “https://example.com”. | Text | Required | |
Port | Enter the port on which Trend Micro Deep Security application is running. | Text | Required | |
API Key | Enter the API Key. | Password | Required | |
SSL Verification | Optional preference to either verify or skip the SSL certificate verification. | Boolean | Optional | Allowed values:
By default, the value is set as "false". |
Action: Get a list of all intrusion prevention rules
This action can be used to retrieve all the intrusion prevention rules.
Input Parameters
No input parameters are required for this action.
Action: Get a list of Tenants
This action can be used to retrieve all the Tenants.
Input Parameters
No input parameters are required for this action.
Action: Get a list of all Policies
This action can be used to retrieve all the Policies.
Input Parameters
No input parameters are required for this action.
Action: Get a list of all MAC lists
This action can be used to retrieve all the MAC lists.
Input Parameters
No input parameters are required for this action.
Action: Describe a Computer of Trend Micro DS
This action can be used to describe a Computer of Trend Micro DS.
Input Parameters
No input parameters are required for this action.
Action: Describe a Computer Firewall rule
This action can be used to describe a Computer Firewall rule.
Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Computer ID | Enter the Computer ID. | Text | Required | |
Firewall Rule ID | Enter the Firewall rule ID. | Text | Required |
Action: Get all Policies
The action is used to retrieve all the Policies.
Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Overrides | Enter the overrides to be shown that are defined for the current Policy. | Boolean | Optional | Allowed Boolean values:
|
Query parameters | Enter the query parameters in the form of Key Value pairs to filter the Policies being retrieved. | Key Value | Optional |
Example Request
[
{
“is_overrides“: “Yes“
}
]Action: Describe a Computer Group
This action can be used to describe a Computer Group.
Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Group ID | Enter the ID of the computer group to describe. | Text | Required |
Action: Describe a context by ID
This action can be used to describe a context by ID.
Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Context ID | Enter the ID of the context to describe. | Text | Required |
Action: Describe an intrusion prevention rule by ID
This action can be used to describe an intrusion prevention rule by ID.
Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Intrusion prevention rule ID | Enter the ID of the intrusion prevention rule to describe. | Text | Required |
Action: Describe an IP list by ID
This action can be used to describe an IP list by ID.
Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
IP list ID | Enter the ID of the IP List to describe. | Text | Required |
Action: Describe a Mac list
This action can be used to describe a Mac list.
Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Mac list ID | Enter the ID of the Mac List to describe. | Text | Required |
Action: Describe a particular tenant
This action can be used to describe a particular tenant.
Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Tenant ID | Enter the ID of the tenant to be described. | Text | Required |
Action: Get a list of all administrators
This action can be used to retrieve all the administrators.
Input Parameters
No input parameters are required for this action.
Action: Get a list of anti-Malware configurations
This action can be used to retrieve all the anti-Malware configurations.
Input Parameters
No input parameters are required for this action.
Action: Get a list of all Computers
This action can be used to retrieve all the Computers.
Input Parameters
No input parameters are required for this action.
Action: Get a list of all Firewall rules associated with a Computer
This action can be used to retrieve all the Firewall rules associated with a Computer.
Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Computer ID | Enter the ID of the computer for which all the associated Firewall rules needs to be listed. | Text | Required |
Action: Get a list of all Computer Groups
This action can be used to retrieve all the Computer Groups.
Input Parameters
No input parameters are required for this action.
Action: Get a list of computer integrity monitoring rules
This action can be used to retrieve all the computer integrity monitoring rules.
Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Computer ID | Enter the ID of the computer for which all the associated Firewall rules needs to be listed. | Text | Required |
Action: Get a list of contexts
This action can be used to retrieve all the contexts.
Input Parameters
No input parameters are required for this action.
Action: Get a list of all the available directories
This action can be used to retrieve all the directories.
Input Parameters
No input parameters are required for this action.
Action: Get a list of all Firewall rule IDs assigned to a Computer
This action can be used to retrieve all the Firewall rule IDs assigned to a Computer.
Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Computer ID | Enter the ID of the computer for which all the associated Firewall rules needs to be listed. | Text | Required |
Action: Get a list of all Firewall rules
This action can be used to retrieve all the Firewall rules.
Input Parameters
No input parameters are required for this action.
Action: Get a list of all integrity monitoring rules
This action can be used to retrieve all the integrity monitoring rules.
Input Parameters
No input parameters are required for this action.
Action: Get a list of all IP lists
This action can be used to retrieve all the IP lists.
Input Parameters
No input parameters are required for this action.
Action: Search a Computer
This action can be used to search a Computer on Trend Micro Deep Security.
Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Hostname | Enter the Hostname of the computer. For example, "cyware". | Text | Required |
Example Request
[
{
“hostname“: “cyware“
}
]Action: Create a Policy
The action can be used to create a Policy.
Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Payload | Enter the payload in the form of key-value pairs. | Key Value | Optional | |
Overrides | Enter the overrides to be shown that are defined for the current Policy. | Boolean | Optional | Allowed values:
|
Example Request
[
{
“overrides“: “Yes“
}
]Action: Update a Policy
The action can be used to update a Policy.
Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Policy ID | Enter the Policy ID. | Text | Required | |
Payload | Enter the payload in the form of key-value pairs. | Key Value | Optional | |
Overrides | Enter the overrides to be shown that are defined for the current Policy. | Boolean | Optional | Allowed Boolean values:
|
Example Request
[
{
“overrides“: “Yes“
}
]Action: Get Policy details
The action can be used to retrieve the policy details.
Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Policy ID | Enter the Policy ID. | Text | Required |