Get domain-related alerts API (Microsoft)

Note: If you are a US Government customer, please use the URIs listed in Microsoft Defender for Endpoint for US Government customers. Tip: For better performance, you can use the server closer to your geo location: api-us.securitycenter.microsoft.com, api-eu.securitycenter.microsoft.com, api-uk.securitycenter.microsoft.com. API description: Retrieves a collection of Alerts related to a given domain address. Limitations: You can query on alerts last […]

Investigation resource type (Microsoft)

Represents an Automated Investigation entity in Defender for Endpoint. For more information, see Overview of automated investigations. Methods: […]

Export assessment methods and properties per device (Microsoft)

API description: Provides methods and property details about the APIs that pull threat and vulnerability management data on a per-device basis. There are different API calls to get different types of data. In general, each API call contains the requisite data for devices in your organization. Note: Unless indicated otherwise, all export assessment methods listed are full […]

Update alert (Microsoft)

API description: Updates properties of an existing Alert. Submission of a comment is available with or without updating properties. Updatable properties are: status, determination, classification, and assignedTo. […]

Batch update alerts (Microsoft)

API description: Updates properties of a batch of existing Alerts. Submission of a comment is available with or without updating properties. Updatable […]

Create alert API (Microsoft)

API description: Creates a new Alert on top of an Event. A Microsoft Defender for Endpoint Event is required for the alert creation. You need […]

List alerts API (Microsoft)

API description: Retrieves a collection of Alerts. Supports OData V4 queries. OData supported operators: $filter on: alertCreationTime, lastUpdateTime, incidentId, InvestigationId, id, assignedTo, detectionSource, lastEventTime, status, severity and category properties. $top with max value of […]

Alert resource type (Microsoft)

Methods (method, return type, description):
Get alert (returns Alert): Get a single alert object.
List alerts (returns Alert collection): List alert collection.
Update alert […]

Advanced hunting API (Microsoft)

Limitations: You can only run a query on data from the last 30 days. The results will include […]

Overview of management and APIs (Microsoft)

Defender for Endpoint supports a wide variety of options to ensure that customers can easily adopt the platform. Acknowledging that customer environments and structures can vary, Defender for Endpoint was created with flexibility and granular control to fit varying customer requirements. Endpoint onboarding and portal access: Device onboarding is fully integrated into Microsoft Endpoint Manager […]
