Add an application

A tenant can have up to 10 custom applications.
  1. Log in to the management console as an administrator. Only administrators can create an application integration.
  2. On the menu bar, click Settings > Integrations.
  3. Click Add Application.
  4. Type an application name. This must be unique within your organization.
  5. Select the access privileges for a console data type. Not selecting any checkboxes for a data type means the application does not have access to that data type.
  6. Click Save.
  7. Copy and paste the application ID and application secret to your API application, or you can click OK to close the dialog box. You can view the application ID and application secret from the integrations page.
    Note: There are some API operations listed in the Add Application matrix that can be enabled (Global List - Read and Modify; Policy - Write, Modify, and Delete) but are not available with the initial release. These API operations are currently under development and will be available in a future release.

    Data Type

    Description

    Aurora Focus Commands

    The Aurora Focus device commands Include device lockdown (locking a device, retrieving history) and file retrieval (requesting, checking, and getting results).

    Aurora Focus Detections

    The Aurora Focus detection events triggered by the context analysis engine (CAE) allow further automation of analyzing, triaging, and responding to malicious or suspicious activity prevented or detected by Aurora Focus.

    Aurora Focus Exceptions

    The Aurora Focus detection exceptions add exceptions to detection rules.
    Aurora Focus Focus Views

    The Aurora Focus focus views retrieve an information trail starting with the first event related to an artifact from an InstaQuery result or Aurora Protect Desktop event.

    Aurora Focus InstaQueries

    The Aurora Focus InstaQuery allows searching for system artifacts stored locally by Aurora Focus (for example, files, registry key persistence points, processes, and so on).

    Aurora Focus Policies

    The Aurora Focus settings in a policy require the policy settings to also be enabled.

    Aurora Focus Rule Sets

    The Aurora Focus set of rules are applied to a policy.

    Aurora Focus Rules

    The Aurora Focus detection rules help monitor an organization for security threats or anomalous behavior.

    Devices

    Devices are systems with an Endpoint Defense agent installed. You can get information about devices in your organization. You can also update or remove devices from your organization.

    Global Lists

    Global lists include the safe list and the global quarantine list. Each global list operation has its own set of required and optional request fields.

    Packages Configuration

    The Aurora Focus packages are sent and stored on devices.

    Aurora Focus packages are not sent to devices by default. Devices must receive a command to download a package.

    Packages Deployment

    The Aurora Focus packages are executed on devices.

    Policies

    Policies contain the protection settings applied to devices. Policies allow adding and removing devices instead of needing to manually update each device when you want to change the protection settings.

    Threats

    Threat details provide information about a file as well as reference information about why a file is considered safe or a threat. Use the threats request to get this information.

    Users

    Users have access to the data in the console, based on the role assigned to them. For example, an administrator can see everything in the console, while a user is limited to the zones to which the user is assigned.

    Zones

    Each device belongs to at least one zone. Zones are similar to tags and assist in organizing your devices.