Open ShourieG opened 1 year ago
Pinging @elastic/security-external-integrations (Team:Security-External Integrations)
This is an integration I would like to see. Bumping for awareness.
https://learn.microsoft.com/en-us/defender-endpoint/api/get-all-vulnerabilities
https://learn.microsoft.com/en-us/defender-endpoint/api/get-all-vulnerabilities-by-machines
+1.
Pinging again here for awareness and the need for this integration.
We require a new data stream in the m365 defender integration that is capable of pulling vulnerability logs, using either the standard vulnerability API documented here or by using the latest Graph APIs documented here. The Graph APIs have limitations at the moment, as they are not capable of fetching a paginated vulnerability list similar to the older standard REST APIs. The approach needs to be decided.
This feature enhancement is tied to a recent customer request & support ticket linked here.