Microsoft Defender For Endpoint (ATP)
Connection Requirements
1 - Tenant ID and Client ID
Steps to create Tenant ID and Client ID.
Log in to the Azure Portal with an administrator account.
Select Azure Active Directory.
Select App registrations > New registration. Fill in the details and click Register.
After you have created the app, you should see its Application ID and Directory ID. Write down these values in a safe place, These values are known as Client ID and Tenant ID.
2 - Client Secret
In the left menu, select Certificates & Secrets > New Client Secret. Click Add and copy the secret.
In the left menu, select API Permissions > Add a permission. Then select APIs my organization uses and select the WindowsDefenderATP API.
Select Application Permissions for required permissions.
Add the permission Machine.Read.All.
Click for more information.
Attention
Please perform a connection test to ensure there is a valid connection to the Microsoft ATP host. When the discovery operation finalized you will be able to see the details on Assets page.
Last updated