Forum Discussion
microsoft defender for endpoint api to get protocol and port information
Microsoft defender for endpoint communicate using which protocol and port information
I need to find out which Api will provide protocol and port information.
Hi manohara_avt ,
You can find the schema for Defender for Endpoint API here https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/api/exposed-apis-list?view=o365-worldwide
Further information can be found on the side menu, such as samples and get started guides. I don't see anything in the schema that will provide anything you're asking for. Microsoft Sentinel has alerts for detecting outbound traffic to known malicious IPs etc, this will also provide the port they're connecting out from.
Microsoft Security Graph API may be able to provide what you're looking for? Have a look under threat intelligence on the side menu : https://learn.microsoft.com/en-us/graph/api/resources/security-api-overview?view=graph-rest-1.0
