Skip to main content

ThreatDown Oneview

threatdown-oneview

Version: 1.0
Updated: Mar 7, 2025

Malwarebytes ThreatDown OneView (MBOV) provides your business with a powerful and affordable security management platform that gives security teams maximum control. OneView streamlines endpoint security management by providing out-of-the-box security policies, scans, and remediation.

Actions​

  • Create Exclusion (Containment) - Create Exclusion.
  • Create Policy (Containment) - Create policy.
  • Delete Exclusion (Containment) - Delete exclusion by ID.
  • Delete Policy (Containment) - Delete policy by ID.
  • Get Account Info (Enrichment) - Retrieve Account Info.
  • Get Endpoint (Enrichment) - Retrieve a single ID by its universally unique identifier.
  • Get Endpoint Status (Enrichment) - Get the status of an endpoint.
  • Get Exclusion (Enrichment) - Get exclusion by ID.
  • Get Job Status (Enrichment) - Get details about an issued job by ID.
  • Get Policy (Enrichment) - Get policy by ID.
  • Get Suspicious Activity (Enrichment) - Fetch suspicious activity of an endpoint.
  • Issue Job (Containment) - Issue a job (scan endpoint, restart endpoint, check for updates).
  • List Detections (Enrichment) - Search detections.
  • List Policies (Enrichment) - Retrieve a list of policies.
  • List Sites (Enrichment) - Retrieves a list of all sites associated with the account.
  • List Vulnerabilities (Enrichment) - Search CVE grouped by a specific field.
  • Remediate Activity (Containment) - Remediate suspicious activity of an endpoint.
  • Search Endpoints (Enrichment) - Search all endpoints, or search either the alias or the host name of a fully qualified host name.
  • Update Exclusion (Containment) - Update Exclusion by ID.
  • Update Policy (Containment) - Update policy.

Category​

Threat Intelligence Reputation

ThreatDown Oneview in Automation Service and Cloud SOAR​

  1. Access integrations in the Automation Service or Cloud SOAR.
  2. After the list of the integrations appears, search for the integration and click on the row.
  3. The integration details will appear. Click on the "+" button to add a new resource.
    threatdown-oneview1
  4. Label and populate all the required fields (*).
    1. Label. Add a name for the resource.
    2. URL. Enter your ThreatDown Oneview site URL.
    3. Client ID. Enter your Client ID.
    4. Client Secret. Enter your Client Secret.
      threatdown-oneview2
  5. Click SAVE.
  6. To make sure the resource is working, hover over the resource and then click the TEST.
    threatdown-oneview3
  7. You should receive a successful notification in the bottom right corner.
    threatdown-oneview4

Change Log​

  • March 7, 2025 - First upload
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2025 by Sumo Logic, Inc.