WithSecure Elements
Collect your endpoints inventory and threat detections from WithSecure Elements
The WithSecure Elements connector allows you to centralize your protected endpoints inventory and threat detections identified by your WithSecure platform.
Objective
The WithSecure Elements connector retrieves the following information:
- Protected endpoints inventory
- Threat detections and alerts
- Endpoints protection status
Prerequisites
- Access to WithSecure Elements with API rights
- Generation of API authentication credentials (Client ID, Client Secret)
Information to provide in OverSOC
| Field | Description |
|---|---|
| API URL* | URL of the WithSecure Elements API (e.g., https://api.connect.withsecure.com) |
| Client ID* | Client ID for API authentication |
| Client Secret* | Client secret for API authentication |
*Required fields
Procedure
Generate API credentials
- Log in to the WithSecure Elements console.
- Go to Management > Organization Settings > API client.
- Click Create API client.
- Name the client
OverSOCwith appropriate description. - Select the scope:
- Read-only: Check to enable read-only access (recommended for monitoring)
- Click Create.
- Copy the Client ID and Client Secret (secret will only be displayed once).
Configure the connector in OverSOC
- In OverSOC, go to Data Sources Settings > Sources.
- Select WithSecure Elements and click Configure.
- Fill in the required fields:
- API URL: https://api.connect.withsecure.com
- Client ID: Generated Client ID
- Client Secret: Generated Client Secret
- Click Test Connection to verify authentication.
- Click Save Configuration.
View WithSecure Elements documentation
Required Permissions
The API client must use the scope-based permission model:
- connect.api.read: Read-only access to API (enables endpoints, detections, and protection status access)