Endpoint Security API


The Endpoint Security application programming interface (API) allows users to automate certain actions and integrate security information and event management (SIEM) solutions from FireEye and other companies. The API provides access to information about endpoints, acquisitions, alerts, source alerts, conditions, indicators, and containment. The HX Series API uses role-based access control (RBAC) and representational state transfer (REST) architecture. ### User Role Access Privileges |Privileges | api_admin | api_analyst | |---------------------------------------|-----------|-------------| |API access |Yes |Yes | |View acquisitions |Yes |Yes | |View cloned agents |Yes |Yes | |Configure agents |Yes |**No** | |Manage and view alerts |Yes |Yes | |Approve and cancel containment |Yes |**No** | |View audits |Yes |Yes | |Create data acquisitions |Yes |Yes | |Run enterprise searches |Yes |Yes | |Create file acquisitions |Yes |Yes | |Create host lists |Yes |Yes | |View host lists |Yes |Yes | |Create, update, and delete host sets |Yes |**No** | |View host sets |Yes |Yes | |Create and view indicators |Yes |Yes |