- Application management
- RESTful API
- User API
- Device API
- Global list API
- Policy API
- Zone API
- Threat API
- Memory protection API
- Detections API
- Package deployment API
- Detection rule API
- Detection rule sets API
- Detection exceptions API
- Device commands API
- Focus view API
- InstaQuery API
- BlackBerry Optics policy API
- Persona Desktop API
- BlackBerry Docs
- Cylance products
- Cylance User API guide
- Detection rule API
Detection rule API
The
BlackBerry Optics
Detection Rules API allows users to create or update rules to help monitor an organization for security threats or anomalous behavior. The flexibility of detection rules allows users to monitor for broad behavior characteristics (for example, files being created with certain naming patterns) or search for a targeted series of events (for example, a process with a certain file signature thumbprint that then creates files and initiates network connections).The
BlackBerry Optics
Detection Rules API includes:- Getting the content of a detection rule.
- Getting a list of detection rules for a tenant.
- Getting a list of detection rules as a .csv file.
- Validating a detection rule.
- Creating a detection rule.
- Updating a detection rule.
- Deactivating (or soft deleting) a detection rule.
- Getting a natural language representation of a detection rule.
- Getting a count of how many detection rules exist in a tenant.