FireEye Endpoint Security (fka HX)

About

FireEye Endpoint Security (HX Series) is an EPP platform that offers protection against malware and zero-day exploits.

Why You Should Integrate

Gain greater awareness of and insight into the endpoints protected by FireEye Endpoint Security.

How Does the Integration Work

This integration pulls host information from FireEye Endpoint Security.

This data is only used internally; we do not share it with any parties outside of Sevco. Refer to our privacy policy for details.

Configuration

  1. Configure plugin: Configure the plugin with the required fields.

| Field | Description | Example |
| --- | --- | --- |
| URL* | The URL of the FireEye instance. | https://api.product.com |
| Skip TLS Certification Validation | Skip certificate validation when using a certificate that is self-signed or cannot be validated through a proper certificate authority. | |
| Username* | The username of your FireEye account. | JohnDoe |
| Password* | The password for your FireEye account. | *********************** |

  2. Configure Name: OPTIONAL: You can give the configuration a name so that it can be told apart from other similar configurations.

  3. Activate Config: To enable this configuration and begin pulling data, select "Activate". If you wish to save the configuration and come back later to finish it, select "Save Draft". This will save the configuration, but keep it disabled until it is activated.

Source Documentation

Creating credentials

You'll be asked to provide the username and password that Sevco will use to connect to FireEye Endpoint Security. Steps can be found in the "Creating a user account on the Endpoint server" section of their documentation.

Required Permissions

The following permissions are required:

  • View host list

The following default role has the appropriate permissions:

  • api_analyst

API Documentation

FireEye API documentation

Contact Us

If you're having problems integrating a source, or if you've found something wrong in this document, please email us at [email protected].

Tags: cloud, epp-edr