Microsoft defender real time threat detection

Copper Contributor

hi all,

I'm working with Defender's API call with python. I've succeeded in getting the alerts of microsoft defender. 
There is a real time detection with phishing/malware/email. It's in the collaberation and real time detection. I find this data very usefull for threat intel. but there is no API call for these "alerts".

Is this a license issue or is it not possible to get the phishing/malware/email information via API call?

1 Reply
as far as I know: the Defender API is only connected to the Defender for Endpoint module. Phishing and mail alerts are generated by Defender for O365, the O365 module is not accessible via the Defender API.
Maybe there is a way to get these alerts via the Graph API.