Skip to main content
POST
/
v1
/
asset
/
endpoint
/
{id}
/
contain
Contain endpoint
curl --request POST \
  --url https://api.wirespeed.co/v1/asset/endpoint/{id}/contain \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "caseId": "<string>",
  "detectionId": "<string>",
  "integrationId": "<string>",
  "userContainActions": [],
  "endpointContainActions": [],
  "userUncontainActions": [
    "enable"
  ],
  "endpointUncontainActions": [],
  "fileContainActions": [],
  "fileUncontainActions": [
    "unquarantine"
  ]
}
'
{
  "message": "<string>",
  "statusCode": 123
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

id
string
required

Endpoint identifier

Body

application/json
caseId
string

Case ID for containment context

detectionId
string

Detection ID for containment context

integrationId
string

Integration ID to use for containment. Required for files; optional for endpoints/users (falls back to asset integration).

userContainActions
enum<string>[]

User containment actions to perform

Available options:
disable,
reset_password,
revoke_sessions
endpointContainActions
enum<string>[]

Endpoint containment actions to perform

Available options:
isolate,
lock
userUncontainActions
enum<string>[]

User uncontainment actions to perform

Available options:
enable
endpointUncontainActions
enum<string>[]

Endpoint uncontainment actions to perform

Available options:
unisolate,
unlock
fileContainActions
enum<string>[]

File containment actions to perform

Available options:
delete,
quarantine
fileUncontainActions
enum<string>[]

File uncontainment actions to perform

Available options:
unquarantine

Response