Microsoft Defender for Endpoint (aka ATP) – Software
About
Microsoft Defender for Endpoint provides real-time monitoring, threat detection, and vulnerability assessment to enable management of all software applications within a network. The platform identifies potential risks and automates remediation processes to ensure software compliance and protect against security threats.
Why You Should Integrate
Integrating with Microsoft Defender for Endpoint will provide visibility into software environments by identifying and monitoring all software applications that have communicated with Microsoft Defender for Endpoint cloud.
How Does the Integration Work
This integration pulls software assets from the Microsoft Defender for Endpoint security console that meet the following criteria:
- Software detected within your configured retention period
- Software accessible to the user (ApplicationID) based on software group settings
This data is only used internally; we do not share it with any parties outside of Sevco. Refer to our privacy policy for details.
If you haven't already, please review our instructions for configuring the Microsoft Active Directory integration before proceeding with the instructions below.
Configuration Options
Tenant ID
This access schema includes all software assets associated with your Tenant ID
| Field | Description | Example |
|---|---|---|
Tenant ID* | The unique tenant ID associated with the software you would like to import into Sevco | 00000000-0000-0000-0000-000000000000 |
Tenant ID and Onboarding Status Settings
This access schema only includes software assets associated with your Tenant ID that belong to the categories you have selected.
| Field | Description | Example |
|---|---|---|
Tenant ID* | The unique tenant ID associated with the software you would like to import into Sevco | 00000000-0000-0000-0000-000000000000 |
Include Onboarded Status | Imports software that is in an Onboarded status into your Software Inventory | n/a |
Include Insufficient Info Status | Imports software that is in an Insufficient Info status into your Software Inventory | n/a |
Include Can Be Onboarded Status | Imports software that is in a Can Be Onboarded status into your Software Inventory | n/a |
Include Unsupported Status | Imports software that is in an Unsupported status into your Software Inventory | n/a |
Source Documentation
Creating credentials
See platform documentation for details on Microsoft Defender for Endpoints - Creating Credentials
Required Permissions
The following permission(s) are required:
Software.Read.All
Click here for instructions on editing application permissions.
API Documentation
Contact Us
If you're having problems integrating a source, or if you've found something wrong in this document, please email us at [email protected].
Tags: cloud, epp-edr
Updated 5 months ago