Mar 03 2024 03:12 AM
I'm using the Defender for Endpoint API to generate customized server vulnerability reports. When I use the Defender portal to look up a server under Device Inventory, I can in the bottom of the screen under Directory data see a device Description that seems to be derived from on-prem AD server objects description.
However, when I use the following API to list all my devices in Defender, the description of the device is not included:
GET https://api.securitycenter.microsoft.com/api/machines
So, is there another API endpoint I can use to get the description of the devices, or would you consider adding this property to this API? I think it can be very useful to get this information about the device when quering this API for forensics ect.
PS: My customer servers are typically not Hybrid joined or using ARC agent, so I cannot se the devices in EntraID under devices.