Symantec DLP Connector

overview the symantec dlp connector allows for seamless integration with swimlane turbine to automate responses to data loss prevention incidents and manage data security policies symantec dlp (data loss prevention) is a comprehensive data security solution that helps organizations prevent data breaches and secure sensitive information the symantec dlp turbine connector enables users to automate incident response and policy management tasks within the swimlane turbine platform by integrating with symantec dlp, users can retrieve detailed incident data, manage policy enforcement, and streamline compliance processes, enhancing the overall security posture and reducing manual workload limitations none to date supported versions this connector uses version 16 1 symantec dlp additional docs authentication https //apidocs securitycloud symantec com/#/doc?id=introductionapi documentation https //apidocs securitycloud symantec com/#/doc?id=16 1 incidentdetails configuration prerequisites to effectively utilize the symantec dlp connector within swimlane turbine, ensure you have the following prerequisites http basic authentication with the following parameters url endpoint url for the symantec dlp api username your symantec dlp account username password your symantec dlp account password authentication methods basic authentication url the base endpoint for the symantec dlp api username your symantec dlp account username password your symantec dlp account password capabilities this symantec dlp connector provides the following capabilities get all component matches get component data get editable incident details get form image get incident components get incident correlations get incident history get incident message body get incident original message get policy matches get static incident details update a policy get all component matches retrieves all the matches of the components for an incident ( click here https //apidocs securitycloud symantec com/#/doc?id=16 1 incidentdetails ) get component data retrieves the data of a specified incident component based on the component id ( click here https //apidocs securitycloud symantec com/#/doc?id=16 1 incidentdetails ) get editable incident details retrieves editable attributes of the specified incident the api only returns the attributes that the user has permissions to read ( click here https //apidocs securitycloud symantec com/#/doc?id=16 1 incidentdetails ) get form image retrieves the form image from the database or an external disk based on the message id and violation id ( click here https //apidocs securitycloud symantec com/#/doc?id=16 1 incidentdetails ) get incident components retrieves a list of all incident components the list contains the id, name and mime type of the components ( click here https //apidocs securitycloud symantec com/#/doc?id=16 1 incidentdetails ) get incident correlations retrieves the correlations of the specified incident ( click here https //apidocs securitycloud symantec com/#/doc?id=16 1 incidentdetails ) get incident history retrieves the history and notes of the specified incident ( click here https //apidocs securitycloud symantec com/#/doc?id=16 1 incidentdetails ) get incident message body retrieves the message body of the specified incident the message body is available for download if required permissions are satisfied ( click here https //apidocs securitycloud symantec com/#/doc?id=16 1 incidentdetails ) get incident original message retrieves the original message of the specified incident the original message is available for download if required permissions are satisfied ( click here https //apidocs securitycloud symantec com/#/doc?id=16 1 incidentdetails ) get policy matches retrieves information of the other violated policies for the specified incident ( click here https //apidocs securitycloud symantec com/#/doc?id=16 1 incidentdetails ) get static incident details retrieves static attributes of the specified incident only returns the attributes that the user has permissions to read ( click here https //apidocs securitycloud symantec com/#/doc?id=16 1 incidentdetails ) update a policy enables or disables policies specified by the policy id ( click here https //apidocs securitycloud symantec com/#/doc?id=16 1 incidentdetails )