Automation and Integration APIs

Cloud App Security provides programmatic access through Cloud App Security Automation and Integration Representational State Transfer (REST) APIs, allowing customers to obtain certain product service data and perform operations on email messages and email accounts as necessary. This offers automated capabilities to help the security team of your organization improve their efficiency and effectiveness with which they can investigate, detect, and respond to security issues.

Cloud App Security supports the following types of APIs:

  • Log retrieval: gets security event logs from Cloud App Security to your Security information and event management (SIEM) or syslog platform for further threat detection and security analytics.

  • Threat investigation: sweeps email messages in protected Exchange Online and Gmail mailboxes for those that match meta information search criteria to investigate and understand the impact of detections.

  • Threat mitigation: performs operations on email messages and user accounts to remediate or prevent your email service from further security attacks.

  • Threat remediation: specifies lists of blocked senders, URLs, and SHA-1 hash values for Cloud App Security to quarantine Exchange Online email messages that match the lists.

For more information on the supported APIs and how to configure them, see Trend Micro Cloud App Security Automation and Integration API Online Help.