Contain endpoint

curl --request POST \ --url https://api.wirespeed.co/asset/endpoint/{id}/contain \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --data ' { "caseId": "<string>", "detectionId": "<string>", "integrationId": "<string>", "userContainActions": [ "disable" ], "endpointContainActions": [ "isolate" ], "userUncontainActions": [ "enable" ], "endpointUncontainActions": [ "unisolate" ], "fileContainActions": [ "delete" ], "fileUncontainActions": [ "unquarantine" ] } '

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

string

required

Endpoint identifier

Body

application/json

caseId

string

Case ID for containment context

detectionId

string

Detection ID for containment context

integrationId

string

Integration ID to use for containment. Required for files; optional for endpoints/users (falls back to asset integration).

userContainActions

enum<string>[]

User containment actions to perform

Available options:

disable,

reset_password,

revoke_sessions

endpointContainActions

enum<string>[]

Endpoint containment actions to perform

Available options:

isolate,

lock

userUncontainActions

enum<string>[]

User uncontainment actions to perform

Available options:

enable

endpointUncontainActions

enum<string>[]

Endpoint uncontainment actions to perform

Available options:

unisolate

fileContainActions

enum<string>[]

File containment actions to perform

Available options:

delete,

quarantine

fileUncontainActions

enum<string>[]

File uncontainment actions to perform

Available options:

unquarantine

Cases

Integration

Asset

Users

Team

Directory

Detection

Endpoint

Authorizations

Path Parameters

Body

Response

Cases

Integration

Asset

Users

Team

Directory

Detection

Endpoint

Documentation Index

Authorizations

Path Parameters

Body

Response