Skip to main content
Sign in

Adding your CylancePROTECT credentials to Oomnitza

  • September 20, 2022 16:54
  • Updated

Prerequisites

Best practice
For the integration with Oomnitza, create a dedicated user account.

The CylancePROTECT integration for Oomnitza uses Session Based authentication. You will need to supply your CylancePROTECT Tenant ID, Application ID, Application Secret, Scopes, and API Subdomain name when adding your credentials to Oomnitza.

  • You can obtain your CylancePROTECT Application ID and Application Secret by creating an application. Refer to page 7 of the attached documentation. 
  • Your Tenant ID is available on the Integrations page in the console.
  • The Subdomain you enter depends on the location of your servers. Refer to API Subdomain.
  • For a list of scopes refer to Scopes. You can enter the scopes in Oomnitza as a comma-separated list, for example:user:list,device:list

API Subdomain

CylancePROTECT API Domain Region
protectapi-apne1 Asia-Pacific - North
protectapi-au Asia-Pacific - Southeast
protectapi-euc1 Europe - Central
protectapi North America
protectapi-sae1 South America
protectapi.us US Government

 

Scopes

Scope Name Used for
user:list User Load
device:list Asset Load
device:list,device:threatlist,device:read,device:update,threat:update,device:delete,opticscommand:read,opticscommand:create Asset workflows
user:create,user:delete,user:list,user:read,user:update,personausers:list User workflows

Refer to page 17 of the attached document for further information.

Adding your CylancePROTECT credentials

To stream CylancePROTECT user data into Oomnitza, complete the following steps:

  1. In Oomnitza, click Configuration > Security > Credentials.
  2. Click Add new credential (+).
  3. Search for the integration, and then click the forward button > to select the integration.
  4. Enter your session-based credentials and any other additional information.
  5. Click CREATE.

Information
If the integration is not listed, click Advanced Mode, and add your credentials.

  1. Add the INFORMATION details.
  2. Click the AUTHORIZATION tab.
  3. Ensure that Session Based is selected from the Authorization Type list.
  4. Ensure that CylancePROTECT is selected from the SaaS list.
  5. Enter the details listed in the perquisites. 
  6. Click Create

Adding your CylancePROTECT API Subdomain as a global variable

To save time entering information when you create the integration and the workflow, you can add your Citrix Endpoint Management hostname as a global variable in Oomnitza.

  1. From the menu, go to Configuration>General.
  2. Click Global Settings.
  3. Click Add new variable (+). 
  4. Enter Cylance.Protect Subdomain as the variable key.
  5. Enter your CylancePROTECT API Subdomain as the value. Refer to the API Subdomains for details.
  6. Save your changes.

You use the credentials that you added to create and customize your integrations with Oomnitza.

 

CylancePROTECT API Documentation

Related articles

Comments

0 comments

Please sign in to leave a comment.