Device Security
Set up Device Security for Cortex XDR API Integration
Integrate Device Security with Cortex XDR directly using an API.
Where Can I Use This? | What Do I Need? |
---|---|
|
One of the following subscriptions:
|
To integrate Device Security directly with Cortex XDR, you need to
configure the API credentials in the Device Security portal. If you want to
integrate with Cortex XDR through Cortex XSOAR, see
Set up Device Security and XSOAR for Cortex XDR Integration.
To set up Device Security to integrate with Cortex XDR using the
Cortex XDR API, you need the following:
- An owner or admin role
- Standard API key for Cortex XDR
- API key ID
- URL of your Cortex XDR instance
You can obtain the API key, API key ID, and the URL by following the instructions in
Set up Cortex XDR for Integration.
- Log in to the Device Security portal and navigate to Integrations > Cortex XDR Integration.
- Enable the Cortex XDR integration by selecting the toggle.
- Configure the Cortex XDR integration by entering the following:
  - Server URL: Enter the URL of your Cortex XDR instance.
  - API Key ID: Enter the API key ID for your Cortex XDR instance.
  - API Key: Enter the Standard API key for your Cortex XDR instance.
- Test and Save your configuration.
  In the Result section, check the Test Connection status. If the test connection failed, check your Cortex XDR URL and API credentials and Test and Save the updated configuration.
  If the test connection succeeded, Device Security begins ingesting device information from Cortex XDR and updating asset information within 24 hours.
- Check your Cortex XDR integration run status.
  After Device Security has had time to ingest data from Cortex XDR, you can check the status of the last run in the Result section of Integrations > Cortex XDR Integration. The Result section shows you if the last run succeeded or failed, and the start and end time for the run.
  The last run information does not appear if you have disabled the integration, even if the integration was previously enabled.