Update device threat

Update the status (waive or quarantine) of a convicted threat. To update a threat on a device requires the modify permission for the threats privilege in an integration. See authorization below.


Service Endpoint	/devices/v2/{unique_device_id}/threats
Optional query string parameters	—
Example	https://protectapi.cylance.com/devices/v2/e378dacb-9324-453a-b8c6-5a8406952195/threats
Method	HTTP/1.1 POST
Request headers	Accept: application/json Authorization: Bearer `JWT Token returned by Auth API` with the threat:update scope encoded Content-Type: application/json

Request

JSON

{
    "threat_id": "bf17366ee3bb8068a9ad70fc9e68496e7e311a055bf4ffeeff53cc5d29ccce52",
    "event": "Quarantine"
}

{
    "threat_id": "bf17366ee3bb8068a9ad70fc9e68496e7e311a055bf4ffeeff53cc5d29ccce52",
    "event": "Quarantine"
}

Response

Please see the Response status codes for more information.

Response JSON schema


Field Name	Description
event	This is the requested status update for the convicted threat, which can be either quarantine or waive
threat_id	This is the SHA256 hash of the convicted threat

Développeurs et OEM

Développeurs et OEM

Request

Response

Response JSON schema

Contenu