Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Device Integration: WithSecure

            Modified on Mon, 20 Apr at 3:05 PM

            TABLE OF CONTENTS


            Overview

            This Knowledge Base Article (KBA) explains the prerequisites, required permissions, and configuration steps to integrate WithSecure with the ADR platform.

            The integration uses API-based authentication, where a Client ID and Client Secret are generated from WithSecure Elements Security Center and configured in ADR for data collection and monitoring.


            Pre-requisites

            Before configuring the integration, ensure the following:

            • Active WithSecure Elements deployment

            • Access to WithSecure Elements Security Center with EPP administrator privileges and security management rights

            • Ability to generate API client credentials (Client ID and Client Secret)

            • Network connectivity from ADR (CCE) to WithSecure Elements API endpoints


            Required Credentials

            The following details must be collected from the customer:

            • Client ID

            • Client Secret


            Required User Roles (WithSecure)

            The API credentials must be generated by a user with EPP administrator privileges and security management rights in WithSecure Elements Security Center to ensure sufficient access for data collection.


            Steps to Generate API Credentials (WithSecure)

            Follow the steps below to generate Client ID and Client Secret from WithSecure Elements Security Center:

            1. Log in as an EPP administrator in WithSecure Elements Security Center.

            2. Under Management, select Organization Settings.

            3. In the Organization Settings view, from the top menu select API clients.

            4. From the scope selector, change the scope to the organization for which you want to create credentials.

              Note: If you are a partner, ensure you change the scope to the target organization.

            5. Select Add new.

            6. In the Add new API client window:

              • Enter a description for the new client credentials.

              • Select Read-only to allow the client to only read data.

              • Select Add.

            7. Follow the on-screen instructions.

              Important: Save the Client Secret in a secure location, as it will not be shown again.

            8. Select I have copied and stored the secret, and then select Done.

            The new API client credentials will now appear in the list.


            ADR Configuration Steps

            Once the Client ID and Client Secret are generated, configure WithSecure in the ADR UI as follows:

            1. Navigate to:
              Administration → Add On Device

            2. Select WithSecure from the device list.

            3. Fill in the required fields as shown below.

            Field Mapping

            ADR UI FieldValue to Enter
            NameAny logical name (e.g., WithSecure)
            CCE HostValid CCE IP address (or 127.0.0.1)
            Username / Access KeyWithSecure Client ID
            Password / Secret KeyWithSecure Client Secret
            ConfigLeave empty


            1. Click Save to complete the integration.


            Verification (MSSP Only)

            On CCE (Command-Line Verification)

            1. Login to the CCE with the ADR user account.

            2. Run:
              otmdoc -m

            3. Enter the add-on device container:
              otmdoc -s cce-addon-devices

            4. Check scheduled tasks:
              crontab -l

            5. Run the WithSecure Python script and review the outputs/logs for any errors.

            On ADR GUI Console

            1. Log in to ADR with appropriate administrative rights.

            2. Navigate to SYSTEM.

            3. Check Collection Status.

            4. Go to Logs / Flow Collection Status.

            5. Verify the WithSecure integration status and ensure logs are being ingested successfully.


            Validation & Troubleshooting

            • Ensure network connectivity from ADR CCE to WithSecure Elements APIs.

            • Verify that the Client ID and Client Secret were generated using an administrator account.

            • If logs are not ingesting:

              • Regenerate the API credentials

              • Update the credentials in ADR

              • Revalidate permissions and network connectivity


            Notes

            • Rotate API credentials periodically as per security best practices.

            • Do not share Client ID and Client Secret over unsecured channels.

            • Revoke unused or compromised API clients immediately from WithSecure Elements Security Center.


            Conclusion

            Following the above steps ensures a successful and stable integration between WithSecure and ADR, enabling continuous visibility into endpoint security events.

            For further assistance, contact ADR Support with relevant logs and screenshots.

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0