About DevOps, automation, and APIs

To support DevOps workflows, Deep Security offers APIs to automate, monitor, and manage security throughout the release lifecycle. (See Use the Deep Security API to automate tasks.)

The Trend Micro Hybrid Cloud Security Command Line Interface (THUS) is a tool that can help you easily navigate the API. For more information, see https://github.com/trendmicro/thus.

The deep-security GitHub repositories contain the following useful scripts:

• CloudFormation templates for deploying Deep Security Manager to AWS.
• Configuration files that contain parsing logic, saved searches, and dashboards for monitoring Deep Security via Splunk.
• Bash and Powershell scripts for automating various Agent and Manager tasks.

To get started with the API, see the First Steps Toward Deep Security Automation guide in the Deep Security Automation Center. The Automation Center also includes an API Reference.

Deep Security also offers many other ways to speed up the protection of your computers and other resources:

• Schedule Deep Security to perform tasks
• Automatically perform tasks when a computer is added or changed (event-based tasks)
• AWS Auto Scaling and Deep Security
• Use deployment scripts to add and protect computers
• Automatically assign policies using cloud provider tags/labels
• Command-line basics

In addition, Deep Security provides the ability to forward events to SIEMs such as Spunk, QRadar, ArcSight, as well as Amazon SNS. For details, see:

• Forward Deep Security events to a Syslog or SIEM server
• Set up Amazon SNS