Forum Discussion

bob_hes's avatar
bob_hes
Copper Contributor
Mar 18, 2024

Microsoft defender real time threat detection

hi all,

I'm working with Defender's API call with python. I've succeeded in getting the alerts of microsoft defender. 
There is a real time detection with phishing/malware/email. It's in the collaberation and real time detection. I find this data very usefull for threat intel. but there is no API call for these "alerts".

Is this a license issue or is it not possible to get the phishing/malware/email information via API call?


  • Emesskey's avatar
    Emesskey
    Copper Contributor
    Hello,
    as far as I know: the Defender API is only connected to the Defender for Endpoint module. Phishing and mail alerts are generated by Defender for O365, the O365 module is not accessible via the Defender API.
    Maybe there is a way to get these alerts via the Graph API.

Resources