21 Understanding Microsoft 365 Defender APIs

Application programming interfaces (APIs) are a way to programmatically connect applications to other applications. In the context of Microsoft 365 Defender, this could mean connecting your PowerShell scripts to query data; an independent software vendor (ISV) connecting to provide additional value in their tool; or using a service such as Azure Logic Apps to automate a workflow based on Microsoft 365 Defender triggers.

In this chapter, you’ll learn the fundamentals regarding APIs for Microsoft 365 Defender and its related services, such as MDE, MDO, MDA, and MDVM. Specifically, we’re going to cover the following:

The different APIs available, including their differences and when to use each
Accessing ...

Get Mastering Microsoft 365 Defender now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Mastering Microsoft 365 Defender by Ru Campbell, Viktor Hedberg

21

Understanding Microsoft 365 Defender APIs

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly