Add an application
A tenant can have up to 10 custom applications.
- Log in to the management console as an administrator. Only administrators can create an application integration.
- On the menu bar, clickSettings > Integrations.
- ClickAdd Application.
- Type an application name. This must be unique within your organization.
- Select the access privileges for a console data type. Not selecting any checkboxes for a data type means the application does not have access to that data type.
- ClickSave.
- Copy and paste the application ID and application secret to your API application, or you can clickOKto close the dialog box. You can view the application ID and application secret from the integrations page.There are some API operations listed in the Add Application matrix that can be enabled (Global List - Read and Modify; Policy - Write, Modify, and Delete) but are not available with the initial release. These API operations are currently under development and will be available in a future release.Data TypeDescriptionCylanceOPTICSCommandsTheCylanceOPTICSdevice commands Include device lockdown (locking a device, retrieving history) and file retrieval (requesting, checking, and getting results).CylanceOPTICSDetectionsTheCylanceOPTICSdetection events triggered by the context analysis engine (CAE) allow further automation of analyzing, triaging, and responding to malicious or suspicious activity prevented or detected byCylanceOPTICS.CylanceOPTICSExceptionsTheCylanceOPTICSdetection exceptions add exceptions to detection rules.CylanceOPTICSFocus ViewsTheCylanceOPTICSfocus views retrieve an information trail starting with the first event related to an artifact from an InstaQuery result orCylancePROTECT Desktopevent.CylanceOPTICSInstaQueriesTheCylanceOPTICSInstaQuery allows searching for system artifacts stored locally byCylanceOPTICS(for example, files, registry key persistence points, processes, and so on).CylanceOPTICSPoliciesTheCylanceOPTICSsettings in a policy require the policy settings to also be enabled.CylanceOPTICSRule SetsTheCylanceOPTICSset of rules are applied to a policy.CylanceOPTICSRulesTheCylanceOPTICSdetection rules help monitor an organization for security threats or anomalous behavior.DevicesDevices are systems with aCylanceagent installed. You can get information about devices in your organization. You can also update or remove devices from your organization.Global ListsGlobal lists include the safe list and the global quarantine list. Each global list operation has its own set of required and optional request fields.Packages ConfigurationTheCylanceOPTICSpackages are sent and stored on devices.CylanceOPTICSpackages are not sent to devices by default. Devices must receive a command to download a package.Packages DeploymentTheCylanceOPTICSpackages are executed on devices.PoliciesPolicies contain the protection settings applied to devices. Policies allow adding and removing devices instead of needing to manually update each device when you want to change the protection settings.ThreatsThreat details provide information about a file as well as reference information about why a file is considered safe or a threat. Use the threats request to get this information.UsersUsers have access to the data in the console, based on the role assigned to them. For example, an administrator can see everything in the console, while a user is limited to the zones to which the user is assigned.ZonesEach device belongs to at least one zone. Zones are similar to tags and assist in organizing your devices.