Trend Micro Apex Central Integration
Written by Ali Murtaza
Updated over a week ago

Introduction

Centralized security management helps you bridge the IT and SOC silos that often separate layers of protection and deployment models. This type of connected, centralized approach improves visibility and protection, reduces complexity, and eliminates redundant and repetitive tasks in security administration, all of which make your organization more secure and your life easier.

Benefits

Trend Micro Apex Central reduces workload and saves time. Its benefits include:

  • No more console hopping – configure policies, manage threat and data protection, and perform detailed investigations from a central console for multiple layers of security.

  • Gain a holistic view of your security posture with continuous monitoring and centralized visibility.

  • Easy integration with your SOC.

  • Connected Threat Defense enables the sharing of real-time threat intelligence with all security layers so that if one layer uncovers a new threat, the other layers can protect against it.

  • Simple threat investigation tools allow you to look back in time to identify where a threat has spread and the full context and extent of an attack.

Integration Features

  • Automated threat intelligence distribution across the Trend Micro Control Environment.

  • Automate hash, IP, URL, and IOC blocking.

  • Enrich your investigations with important information.

  • Look up malicious content across Trend Micro devices.

  • Run an effective incident response cycle using the Apex Central alert mechanism combined with SIRP risk-based SOAR capabilities.

  • Upload YARA rules to Apex Central using SIRP playbooks.

Compatibility

Products: SIRP and Trend Micro Apex Central.

Platform: Independent.

Actions

This app allows the following actions:

| Action | Description |
| --- | --- |
| Upload Yara File | Upload a YARA rule file to Apex Central |
| Restore Agent | Restore an Apex Central agent |
| List Yara File | Fetch the list of all YARA rule files into SIRP |
| Get List Servers | Fetch the list of servers from the Apex Central console |
| Get List all agents | Fetch the list of all agents from the Apex Central console |
| Isolate agent | Isolate or contain a host through an Apex Central agent |
| Get specific agent | Get details about an agent |
| Create Scan | Create a scan on the Apex Central console |
| Add URL to udso list | Add a URL to the blacklist |
| Add IP to udso list | Add an IP to the blacklist |
| Add Hash to udso list | Add a hash to the blacklist |
| Add Domain to udso list | Add a domain to the blacklist |

Required Configuration

This app requires configuration in the following format:

  • Host=<hostname/ip address>

  • App ID=<id>

  • Api Key=<api_key>

You can get all of this information by logging in to Apex Central:

  • Go to the Administration tab

  • Select Settings

  • Click on Automation API access settings

Once you click Save, you can get the Application ID and API keys.

SIRP Configuration

Log in to the SIRP portal using your user credentials.

  • Go to APPS > Trend Micro Apex Central and enable Status

  • Enabling the status opens a configuration window. Enter the required details, such as “Hostname/IP, api-key”, acquired from the Apex Central console.
