Trellix EDR API

Endpoint Detection and Response API for advanced threat hunting, investigation, and automated response capabilities. The EDR API supports querying threat data, searching devices, retrieving action history, and executing real-time search and response actions across managed endpoints.

API entry from apis.yml

name: Trellix EDR API
description: Endpoint Detection and Response API for advanced threat hunting, investigation, and automated
  response capabilities. The EDR API supports querying threat data, searching devices, retrieving action
  history, and executing real-time search and response actions across managed endpoints.
image: https://www.trellix.com/favicon.ico
humanURL: https://docs.trellix.com/bundle/mvision-endpoint-detection-and-response-product-guide
baseURL: https://api.manage.trellix.com
tags:
- Endpoint Detection
- Forensics
- Incident Response
- Threat Hunting
properties:
- type: Documentation
  url: https://docs.trellix.com/bundle/mvision-endpoint-detection-and-response-product-guide
- type: APIReference
  url: https://docs.trellix.com/bundle/mvision-endpoint-detection-and-response-product-guide/page/UUID-d4602e2b-5adc-bdb4-c8cf-163997d5cd6e.html
- type: Authentication
  url: https://developer.manage.trellix.com/mvision/docs/umam
- type: GitHubRepository
  url: https://github.com/trellix-enterprise/EDR-Integration-Scripts