Cloud Email and Collaboration
Protection provides programmatic access through Cloud Email and Collaboration
Protection Representational State Transfer (REST) APIs. You can
use the APIs to integrate third-party solutions or Trend Micro products and services
with Cloud Email and Collaboration
Protection, which allows customers to obtain certain service
data, launch investigations for known and unknown threats, and perform operations
on email
messages and user accounts as necessary. This offers automated capabilities to help
the
security team of your organization improve their efficiency and effectiveness with
which they
can investigate, detect, manage, and respond to security issues.
On the Cloud Email and Collaboration
Protection management console, you can create
authentication tokens for use by the following products and services:
-
External applications
-
Trend Micro Apex One™ as a Service
Cloud Email and Collaboration
Protection supports the following types of APIs:
-
Log retrieval: gets security event logs from Cloud Email and Collaboration Protection to your Security Information and Event Management (SIEM) or other security analytics platform for further security monitoring and threat detection. Downloads quarantined emails for further investigation.
-
Threat investigation: sweeps email messages in protected Exchange Online and Gmail mailboxes for those that match meta information search criteria to investigate and understand the impact of detections.
-
Threat mitigation: performs operations on email messages or user accounts to remediate or prevent your email service from further security attacks.
-
Threat remediation: specifies lists of blocked senders, URLs, SHA-1 hash values, and SHA-256 hash values for Cloud Email and Collaboration Protection to quarantine Exchange Online email messages that match the lists.
For more information on the supported APIs and how to implement them, see Cloud Email and Collaboration
Protection Automation and Integration API
Online Help.