Getting Started

Endpoint Security is a FireEye product that protects an organization from cyber threats by monitoring the most vulnerable devices: laptops, desktops, and servers. The Endpoint agent is a sophisticated software application installed on each device that applies several layers of defense, including signature-based malware detection, machine learning, and behavior analysis, to name a few. Each endpoint communicates with an Endpoint server installed in the customer's network, transmitting alerts, events, and other real time data. The Endpoint Security API is a part of the Endpoint Server and allows developers to query data, configure and manage modules, and take action as threats happen. To learn more about Endpoint Security, visit our product page.


This API requires an existing Enpoint installation within your company's network. You will need the hostname or IP address of the Endpoint server in order to execute requests against the REST API. If your company already has FireEye's Endpoint Security, then please contact your administrator to create a user on the server. If your company does not have Endpoint Security and is looking to evaluate or buy the product, please contact us by filling out our form, or by emailing


Please see the authentication guide for details on how to create a user account and authenticate to the API.

News and Community

Be sure to keep up to date with the latest changes to the API by following our release notes. You can also join the Endpoint community to ask questions and suggest features that you would like to see.