Trend Micro Deep Security SOAR Integration¶

Overview¶

This document outlines the tools available for the Trend Micro Deep Security integration within the SOAR platform. These tools allow interaction with the Trend Micro Deep Security API for managing hosts, security profiles (policies), and performing scans.

Tools¶

`trend_micro_deep_security_get_security_profiles`¶

Get all of the policies from Deep Security.

Parameters:

case_id (str, required): The ID of the case.
alert_group_identifiers (List[str], required): Identifiers for the alert groups.
target_entities (List[TargetEntity], optional, default=None): Optional list of specific target entities (Identifier, EntityType) to run the action on.
scope (str, optional, default=“All entities”): Defines the scope for the action.

`trend_micro_deep_security_get_host_info`¶

Describe a computer.

Parameters:

case_id (str, required): The ID of the case.
alert_group_identifiers (List[str], required): Identifiers for the alert groups.
target_entities (List[TargetEntity], optional, default=None): Optional list of specific target entities (Identifier, EntityType) to run the action on.
scope (str, optional, default=“All entities”): Defines the scope for the action.

`trend_micro_deep_security_ping`¶

Test Connectivity.

Parameters:

case_id (str, required): The ID of the case.
alert_group_identifiers (List[str], required): Identifiers for the alert groups.
target_entities (List[TargetEntity], optional, default=None): Optional list of specific target entities (Identifier, EntityType) to run the action on.
scope (str, optional, default=“All entities”): Defines the scope for the action.

`trend_micro_deep_security_scan_host`¶

Request a malware scan.

Parameters:

case_id (str, required): The ID of the case.
alert_group_identifiers (List[str], required): Identifiers for the alert groups.
target_entities (List[TargetEntity], optional, default=None): Optional list of specific target entities (Identifier, EntityType) to run the action on.
scope (str, optional, default=“All entities”): Defines the scope for the action.

`trend_micro_deep_security_assign_security_profile_to_host`¶

Assign the specified policy to computers.

Parameters:

case_id (str, required): The ID of the case.
alert_group_identifiers (List[str], required): Identifiers for the alert groups.
security_profile_name (str, required): Policy name.
target_entities (List[TargetEntity], optional, default=None): Optional list of specific target entities (Identifier, EntityType) to run the action on.
scope (str, optional, default=“All entities”): Defines the scope for the action.

Trend Micro Deep Security SOAR Integration¶

Overview¶

Tools¶

trend_micro_deep_security_get_security_profiles¶

trend_micro_deep_security_get_host_info¶

trend_micro_deep_security_ping¶

trend_micro_deep_security_scan_host¶

trend_micro_deep_security_assign_security_profile_to_host¶

`trend_micro_deep_security_get_security_profiles`¶

`trend_micro_deep_security_get_host_info`¶

`trend_micro_deep_security_ping`¶

`trend_micro_deep_security_scan_host`¶

`trend_micro_deep_security_assign_security_profile_to_host`¶