[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eTrend Micro Deep Security version 5.0 can be integrated with Google Security Operations SOAR for enhanced security operations.\u003c/p\u003e\n"],["\u003cp\u003eAPI keys are required for integration, and the secret key must be copied immediately upon creation, as it will not be displayed again.\u003c/p\u003e\n"],["\u003cp\u003eThe integration includes actions like assigning security profiles to hosts, obtaining host information, retrieving security profiles, pinging to verify connectivity, and initiating malware scans.\u003c/p\u003e\n"],["\u003cp\u003eEach action has its own parameters and runs on specific entities, providing varying outputs in the form of script results.\u003c/p\u003e\n"],["\u003cp\u003eThe webpage also recommends the Google Security Operations community for further assistance with the integration.\u003c/p\u003e\n"]]],[],null,["# Trend Micro Deep Security\n=========================\n\nIntegration version: 5.0\n\nConfigure Trend Micro Deep Security to work with Google Security Operations\n---------------------------------------------------------------------------\n\nTo create a new API key:\n\n1. Navigate to **Administration** \\\u003e **User Management** \\\u003e **API Keys**.\n2. Click **New**.\n3. In the **Properties** window, enter a *Name* and *Description* for the API key.\n4. Click on the **Role** list and select a role.\n5. Next, select a **Language** and a **Time Zone** . You can also select **Expires on**, which is optional, for expiry date for the API key.\n6. Click **OK**.\n7. Copy the **Secret key value**. Make sure to copy the secret key value now, because this is the only time it will be shown.\n\nConfigure Trend Micro Deep Security integration in Google SecOps\n----------------------------------------------------------------\n\nFor detailed instructions on how to configure an integration in\nGoogle SecOps, see [Configure\nintegrations](/chronicle/docs/soar/respond/integrations-setup/configure-integrations).\n\n### Integration parameters\n\nUse the following parameters to configure the integration:\n\n| **Note:** You can make changes at a later stage if needed. Once configured, the Instances can be used in Playbooks. For detailed information on configuring and supporting multiple instances, please see [Supporting multiple instances](/chronicle/docs/soar/respond/integrations-setup/supporting-multiple-instances).\n\nActions\n-------\n\n### Assign Security Profile to Host\n\n#### Description\n\nAssign the specified policy to computers.\n\n#### Parameters\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on the Hostname entity.\n\n#### Action Results\n\n##### Entity Enrichment\n\nN/A\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n N/A\n\n### Get Host Info\n\n#### Description\n\nDescribe a computer.\n\n#### Parameters\n\nN/A\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on the Hostname entity.\n\n#### Action Results\n\n##### Entity Enrichment\n\nN/A\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n N/A\n\n### Get Security Profiles\n\n#### Description\n\nGet all of the policies from Deep Security.\n\n#### Parameters\n\nN/A\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on all entities.\n\n#### Action Results\n\n##### Entity Enrichment\n\nN/A\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n N/A\n\n### Ping\n\n#### Description\n\nVerifies that the user has a connection to Trend Micro Deep Security via the\nuser's device.\n\n#### Parameters\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on all entities.\n\n#### Action Results\n\n##### Entity Enrichment\n\nN/A\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n N/A\n\n### Scan Host\n\n#### Description\n\nRequest a malware scan.\n\n#### Parameters\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on the Hostname entity.\n\n#### Action Results\n\n##### Entity Enrichment\n\nN/A\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n N/A\n\n**Need more help?** [Get answers from Community members and Google SecOps professionals.](https://security.googlecloudcommunity.com/google-security-operations-2)"]]
