Detection rule API
The CylanceOPTICS Detection Rules API allows users to create or update rules to help monitor an organization for security threats or anomalous behavior. The flexibility of detection rules allows users to monitor for broad behavior characteristics (for example, files being created with certain naming patterns) or search for a targeted series of events (for example, a process with a certain file signature thumbprint that then creates files and initiates network connections).

The CylanceOPTICS Detection Rules API includes:

- Getting the content of a detection rule.
- Getting a list of detection rules for a tenant.
- Getting a list of detection rules as a .csv file.
- Validating a detection rule.
- Creating a detection rule.
- Updating a detection rule.
- Deactivating (or soft deleting) a detection rule.
- Getting a natural language representation of a detection rule.
- Getting a count of how many detection rules exist in a tenant.