Select Page

Connecting Secureworks Taegis VDR

Welcome Forums Integrations Connecting Secureworks Taegis VDR

  • This topic is empty.
Viewing 1 post (of 1 total)
  • Author
    Posts
  • April 19, 2022 at 5:54 pm #3255
    Mike RiforgiateMike Riforgiate
    Keymaster

    SECUREWORKS CONFIGURATION

    Create an Applicative User in Secureworks® Taegis™ VDR ⫘

    We recommend you do not mix API access to applicative users and regular users in Secureworks® Taegis™ VDR. Creating a new user dedicated to API access, with rights that are limited to the scope of these accesses, is the best way to proceed.

    Refer to the Secureworks® Taegis™ VDR’s User Guide section on creating new users and adding members to a team using the correct team access rights to better scope how this user should be created.

    Get a Client Secret and Client ID for this Applicative User ⫘

    Once the dedicated applicative user is created, generate a new OAUTH2 API Client ID and Secret:

    1. Access the System menu by selecting the Account circle in the upper right, and then choose Settings.
    2. Select Public API Clients from the System Settings box.
    3. From the Public API Clients panel, select Add Public API Client at the upper right corner and then configure the following parameters:
    • Description — Choose a description for your Public API Client in order to remember the reason you created it. It will be visible in the interface afterwards.
    • Scopes — Choose from read_only (only GET supported) or full_access (GET, POST, PATCH supported).
    • Redirect URIs — Dependent on the application with which you will use Secureworks® Taegis™ VDR’s Public API. It is usually documented by the application itself when accessing OpenAPI through OAUTH2.

    Note

    The Redirect URI (also named “callback URI“) depends on the application with which you will use Secureworks® Taegis™ VDR’s Public API. Choose the one that corresponds to your need, usually documented by the application consuming the OpenAPI through OAUTH2.

    If you’re unsure or just want to try the API using Swagger UI, you can start with the following URL:

    https://us2.vdr.secureworks.com/assets/api-doc/oauth2-redirect.html

     

    Redirect URI

    Redirect URI

    Once created, the credential displays with the Client ID and Client Secret that you must record for future use in your API authentication.

    Public API Client Credentials

     

    PRECINCT CONFIGURATION

    • Go to Admin > SOAR > Secureworks Taegis VDR API > Config
    • Click the checkbox for Enable Secureworks Taegis VDR
    • Paste the Client ID and Client Secret
    • Click the disk icon (Save)
    • Click Jobs and go to Artifacts from Secureworks Taegis VDR
    • Select Triggers, expanding Manual Trigger and Interval Trigger. 
      • Toggle both to State: ENABLED
    • The Interval Trigger is set to 2 hours by default, but you can update it to what best suits your organization.
    • Click the disk icon (Save)

     

  • Author
    Posts
Viewing 1 post (of 1 total)
  • You must be logged in to reply to this topic.