Trend Micro Deep Security
Integration version: 5.0
Configure Trend Micro Deep Security to work with Google Security Operations SOAR
To create a new API key:
- Navigate to Administration > User Management > API Keys.
- Click New.
- In the Properties window, enter a Name and Description for the API key.
- Click on the Role list and select a role.
- Next, select a Language and a Time Zone. You can also select Expires on, which is optional, for expiry date for the API key.
- Click OK.
- Copy the Secret key value. Make sure to copy the secret key value now, because this is the only time it will be shown.
Configure Trend Micro Deep Security integration in Google Security Operations SOAR
For detailed instructions on how to configure an integration in Google Security Operations SOAR, see Configure integrations.
Actions
Assign Security Profile to Host
Description
Assign the specified policy to computers.
Parameters
| Parameter | Type | Default Value | Description |
|---|---|---|---|
| Security Profile Name | String | N/A | Policy Name. |
Use cases
N/A
Run On
This action runs on the Hostname entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_assigned | True/False | is_assigned:False |
JSON Result
N/A
Get Host Info
Description
Describe a computer.
Parameters
N/A
Use cases
N/A
Run On
This action runs on the Hostname entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/A
Get Security Profiles
Description
Get all of the policies from Deep Security.
Parameters
N/A
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/A
Ping
Description
Verifies that the user has a connection to Trend Micro Deep Security via the user's device.
Parameters
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_ connected | True/False | is_connected:False |
JSON Result
N/A
Scan Host
Description
Request a malware scan.
Parameters
Use cases
N/A
Run On
This action runs on the Hostname entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_ success | True/False | is_success:False |
JSON Result
N/A