sevco.io

Microsoft Defender for Endpoint (aka ATP) – Software

About

Microsoft Defender for Endpoint provides real-time monitoring, threat detection, and vulnerability assessment to enable management of all software applications within a network. The platform identifies potential risks and automates remediation processes to ensure software compliance and protect against security threats.

Why You Should Integrate

Integrating with Microsoft Defender for Endpoint will provide visibility into software environments by identifying and monitoring all software applications that have communicated with Microsoft Defender for Endpoint cloud.

How Does the Integration Work

This integration pulls software assets from the Microsoft Defender for Endpoint security console that meet the following criteria:

  • Software detected within your configured retention period
  • Software accessible to the user (ApplicationID) based on software group settings

This data is only used internally; we do not share it with any parties outside of Sevco. Refer to our privacy policy for details.

⚠️

If you haven't already, please review our instructions for configuring the Microsoft Active Directory integration before proceeding with the instructions below.

Configuration Options

Tenant ID

This access schema includes all software assets associated with your Tenant ID

FieldDescriptionExample
Tenant ID*The unique tenant ID associated with the software you would like to import into Sevco00000000-0000-0000-0000-000000000000

Tenant ID and Onboarding Status Settings

This access schema only includes software assets associated with your Tenant ID that belong to the categories you have selected.

FieldDescriptionExample
Tenant ID*The unique tenant ID associated with the software you would like to import into Sevco00000000-0000-0000-0000-000000000000
Include Onboarded StatusImports software that is in an Onboarded status into your Software Inventoryn/a
Include Insufficient Info StatusImports software that is in an Insufficient Info status into your Software Inventoryn/a
Include Can Be Onboarded StatusImports software that is in a Can Be Onboarded status into your Software Inventoryn/a
Include Unsupported StatusImports software that is in an Unsupported status into your Software Inventoryn/a

Source Documentation

Creating credentials

See platform documentation for details on Microsoft Defender for Endpoints - Creating Credentials

Required Permissions

The following permission(s) are required:

  • Software.Read.All

Click here for instructions on editing application permissions.

API Documentation

List Software Inventory API

Contact Us

If you're having problems integrating a source, or if you've found something wrong in this document, please email us at [email protected].

Tags: cloud, epp-edr