Respond to Malops
By using the API you can retrieve MalOps or isolate machines involved in a specific MalOp. This can prove to be very useful in situations where you are remediating MalOps in your ticketing system and you would like to synchronize that system with your Cybereason platform.
Tasks
All APIs assume a URL prefix of https://<your server>/rest.
Note
Click on any URI path to view more detailed information on a specific API request.
| Task | Endpoint | Method | Returns |
|---|---|---|---|
| Retrieve all Malops | | POST | List of all Malops (AI Hunt and EP) |
| Get details on AI Hunt Malops | | POST | List of information about a specific AI Hunt Malop |
| Retrieve details on a specific Endpoint Protection Malop | | POST | List of details on the specified Endpoint Protection Malop |
| Perform all possible response actions on a Malop | | POST | List of response actions and details on remediation |
| Perform all possible response actions on a Malop | | POST | N/A |
| Isolate a machine connected with a Malop | | POST | Result status |
| Remove a machine involved with a Malop from isolation | | POST | Result status |
| Update a Malop’s status | | POST | Malop details |
| Add a comment to a Malop | | POST | Malop details |
| Get a list of Malop labels | | POST | A list of Malop labels |
| Create a Malop label | | POST | Details on the added label |
| Delete a Malop label | | POST | Success or error message |
| Update Malop labels | | POST | Success or error message |
| Retrieve Malop notification settings changes | | GET | Details on settings updates |
| Retrieve Malop notification settings changes | | POST | Success or error message |