McAfee ATD

Version: 3.0.0

McAfee Advanced Threat Defense enhances protection from the network edge to the endpoint and enables investigation.

Connect McAfee ATD with LogicHub

  1. Navigate to Automations > Integrations.
  2. Search for McAfee ATD.
  3. Click Details, then the + icon. Enter the required information in the following fields.
    • Label: Enter a connection name.
    • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
    • Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
    • Remote Agent: Run this integration using the LogicHub Remote Agent.
    • Host: Host for McAfee ATD instance.
    • Username: Username for McAfee ATD.
    • Password: Password for McAfee ATD.
  4. After you've entered all the details, click Connect.

Actions for McAfee ATD

Scan File And Wait For Report

Submits file for scan and waits for the analysis to be completed.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Analyzer Profile IdThe profile ID number can be found in the UI Policy/Analyzer Profile page.Required
Column for File IDColumn name from parent table containing File ID.Required
Column for File NameColumn name from parent table containing File Name.Required

Scan File

Submits file for scan and returns Job ID.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Analyzer Profile IdThe profile ID number can be found in the UI Policy/Analyzer Profile page.Required
Column for File IDColumn name from parent table containing File ID.Required
Column for File NameColumn name from parent table containing File Name.Required

Scan URL

Submits a URL for scan and returns a job ID (subId).

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Analyzer Profile IdSelect the name of the column name from parent table to lookup value for.Required
Column for URLColumn name from parent table containing a URL.Required
Message IDString to identify the sample within ATD (up to 128 characters).Required

Get Report

Retrieve report for already submitted files for scan.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Column nameColumn name from parent table containing job ID of already submitted files for scan.Required

Release Notes

  • v3.0.0 - Updated architecture to support IO via filesystem
  • v2.0.1 - Added documentation link in the automation library.

© 2017-2021 LogicHub®. All Rights Reserved.