Is it possible to submit filed to ATD via TIE with the current release of OpenDXL?
I'm trying to integrate our IDS into TIE. As the IDS can pull all executables it sees being transferred it'd be good to auto-submit these files to TIE/ATD for analysis before the user even has a chance to execute it on the endpoint.
Currently there isn't a way to post files to ATD using DXL (they can be posted via the ATD REST interface).
However, there will be an ATD-specific OpenDXL client library released in the future (similar to the current TIE and MAR releases). There was some discussion of possibly including a service wrapper to complement the client. One of the features of the wrapper could be the ability to post files to ATD over DXL. We will have more specifics to share in the near future.