Microsoft Defender

Connection Requirements

1

Tenant ID and Client ID

Steps to create Tenant ID and Client ID.

  • Log in to the Azure Portal with an administrator account.

  • Select Azure Active Directory.

  • Select App registrations > New registration. Fill in the details and click Register.

  • After you have created the app, you should see its Application ID and Directory ID. Write down these values in a safe place. These values are known as Client ID and Tenant ID.

2

Client Secret

  • In the left menu, select Certificates & Secrets > New Client Secret. Click Add and copy the secret.

  • In the left menu, select API Permissions > Add a permission. Then select APIs my organization uses and select the WindowsDefenderATP API.

  • Select Application Permissions for required permissions.

  • Add the permission Machine.Read.All, Software.Read.All

3

Timeout

Amount of time that will be waited for API response. (default: 60)

4

Fetch Vulnerabilities

Fetch vulnerability information. (optional, default: True). Scope: Vulnerability.Read.All

5

Fetch Missing Kbs

Fetch missing kbs information. (optional, default: True). Scope: Software.Read.All

6

Fetch Installed Softwares

Fetch installed software information. (optional, default: True).

7

Fetch Logged On Users

Fetch logged on users information. (optional, default: False). Scope: User.Read.All

8

Fetch Security Recommendations

Fetch list of security recommendations affecting the machines.

9

SSL

Use SSL for connection. (optional, default: Encrypted).

🔵 Note Click for more information.

⚠️ Attention Please perform a connection test to ensure there is a valid connection to the host. When the discovery operation is finalized, you will be able to see the details on the Assets page.

PreviousMicrosoft Azure App Service CertificatesNextMicrosoft DNS

Was this helpful?