CylanceProtect
Version: 1.3
Updated: Mar 4, 2024
Query CylanceProtect, enrich data and contain threats through devices, zones, policies, global lists, and more.
Actions
- Get Device (Enrichment) - Get information regarding the specified device.
- List Device Threats (Enrichment) - List threats for the specified device.
- List Devices (Enrichment) - Get a list of devices.
- Get Global List (Enrichment) - Get a global list for the specified list type ID.
- List Policies (Enrichment) - Get a list of policies.
- Get Policy (Enrichment) - Get information regarding the specified policy.
- Get Threat (Enrichment) - Get threat information for the specified SHA256 hash.
- List Threat Devices (Notification) - Get a list of devices the specified threat has been observed on.
- Get Threat Download URL (Enrichment) - Get the download URL for the specified threat.
- List Threats (Enrichment) - Get a list of threats.
- Get Zone (Enrichment) - Get information regarding the specified zone.
- Get Device Zone (Enrichment) - Get zone for the specified Device.
- List Zones (Enrichment) - Get a list of zones.
- Add to Global List (Containment) - Add the specified hash to a global list.
- Delete from Global List (Containment) - Delete the specified hash from a global list.
- Update Device Threat (Containment) - Update a device threat with the specified information.
CylanceProtect Configuration
To retrieve the API Credentials, refer to the following guide.
API URL:
The Auth API will be accessed via the following base endpoint:
North America: https://protectapi.cylance.com/
US Government: https://protectapi.us.cylance.com/
All Other Regions: https://protectapi-{region-code}.cylance.com/
External Libraries
Change Log
- February 6, 2019 - First upload
- September 6, 2019 - Added link to Cylance Protect external library
- November 3, 2023 (v1.2)
- Updated the integration with Environmental Variables
- Improved error handling
- Removed leading/trailing spaces
- Code Refactored
- The following actions has been renamed
- Get Device Threats to List Device Threats
- Get Devices to List Devices
- Get Policies to List Policies
- Get Threat Devices to List Threat Devices
- Get Threats to List Threats
- Get Zone Devices to Get Device Zone
- Get Zones to List Zones
- March 4, 2024 (v1.3) - Updated code for compatibility with Python 3.12