https://github.com/microsoft/MicrosoftDefenderForEndpoint-API-PowerShell

This project contains samples showing how to use the MDATP API for integration with other systems and products.

---
page_type: sample
languages:
- powershell
products:
- mdatp
description: "Repository for PowerShell scripts using Microsoft Defender ATP public API"
---

# Microsoft Defender ATP PowerShell API samples

Welcome to the repository for PowerShell scripts using the Microsoft Defender public API!
This repository is a starting point for all Microsoft Defender users to share content and sample PowerShell code that uses the Microsoft Defender API to enhance and automate security.

Here are a few examples we published:

1. ["Hello World" - Pull alerts from Microsoft Defender ATP using API](https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/WDATP-API-Hello-World-or-using-a-simple-PowerShell-script-to/ba-p/326813)

2. [Get Indicators of Attack (IoC) from MISP to Microsoft Defender ATP](https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/Microsoft-Defender-ATP-and-Malware-Information-Sharing-Platform/m-p/576648#M100) ([Code](https://github.com/microsoft/MicrosoftDefenderATP-API-PowerShell/blob/master/Samples/Get-MISP-Hash.ps1))

3. [Automate Microsoft Defender ATP response - Isolate machine](https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/Automate-Windows-Defender-ATP-response-action-Machine-isolation/m-p/362701)

4. [Ticketing system integration – Alert update API](https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/Ticketing-system-integration-Alert-update-API/ba-p/352191)

## Share your work
We welcome you to share and contribute; see the guide in the [CONTRIBUTING.md file](https://github.com/microsoft/MicrosoftDefenderATP-API-PowerShell/blob/master/CONTRIBUTING.md).

## API documentation
For more information on our available APIs, see the [API documentation](https://docs.microsoft.com/en-gb/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list).

## Additional Microsoft Defender ATP repositories
We have more repositories for different use cases; we invite you to explore and contribute.
* [Python scripts using Microsoft Defender ATP public API](https://github.com/microsoft/MicrosoftDefenderATP-API-Python)

* [Microsoft Defender ATP Advanced Hunting (AH) sample queries](https://github.com/microsoft/WindowsDefenderATP-Hunting-Queries)

* [PowerBI reports using Microsoft Defender ATP data](https://github.com/microsoft/MicrosoftDefenderATP-PowerBI)