Defender ATP - Lookup Hash and Domain


The Defender ATP console is able to show that a hash or a domain has been previously seen on the hosts in the tenant. Is there a Graph API that could be leveraged to search for hosts with that hash or that have seen traffic to a domain?

2 Replies

@Vaman-Kini - Yes, you can use the MDATP (Securitycenter) API's domain and file endpoints to retrieve statistics related to domain and hash observations and lists of machines that have been observed interacting with those entities. You can utilize the API Explorer in the MDATP portal to try them out.

 

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/get-domai...

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/get-file-...
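A sketch of the lookup described in the reply above, added here as an example and not code from the thread or from Microsoft: it validates an indicator before placing it in the request path, builds the stats and related-machines URLs, and reduces a machines response to host and last-seen pairs. The base URL, the `/stats` and `/machines` paths and the `computerDnsName`/`lastSeen` field names are assumptions taken from the public API documentation; the function names and sample response are constructed, and the bearer token is assumed to be obtained separately.

```python
import json
import re
import urllib.parse
import urllib.request

# Assumption: base URL as given in Microsoft's public API documentation.
API_BASE = "https://api.securitycenter.windows.com/api"
HASH_RE = re.compile(r"^(?:[0-9a-f]{40}|[0-9a-f]{64})$")  # SHA-1 or SHA-256 hex
DOMAIN_RE = re.compile(r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")


def classify_indicator(value):
    """Return ('files' | 'domains', normalized value); reject anything else."""
    v = value.strip().lower().rstrip(".")
    if HASH_RE.match(v):
        return "files", v
    if DOMAIN_RE.match(v):
        return "domains", v
    raise ValueError(f"not a SHA-1/SHA-256 hash or domain name: {value!r}")


def build_lookup_urls(value):
    """Build the stats and related-machines URLs for one indicator."""
    kind, v = classify_indicator(value)
    entity = f"{API_BASE}/{kind}/{urllib.parse.quote(v, safe='')}"
    return {"stats": f"{entity}/stats", "machines": f"{entity}/machines"}


def summarize_machines(body):
    """Reduce a machines response to (host, lastSeen) pairs, newest first."""
    # Assumption: field names follow the documented Machine entity.
    rows = [(m.get("computerDnsName", "?"), m.get("lastSeen", ""))
            for m in body.get("value", [])]
    return sorted(rows, key=lambda r: r[1], reverse=True)


def lookup_machines(value, token):
    """Call the machines endpoint with a bearer token obtained elsewhere."""
    req = urllib.request.Request(build_lookup_urls(value)["machines"],
                                 headers={"Authorization": f"Bearer {token}"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return summarize_machines(json.load(resp))


# Constructed sample response, so the parsing can be run offline.
SAMPLE = {"value": [
    {"computerDnsName": "ws-014.example.test", "lastSeen": "2020-03-02T08:15:00Z"},
    {"computerDnsName": "srv-db1.example.test", "lastSeen": "2020-03-05T21:40:12Z"},
]}
```

Check the endpoint documentation for which hash types each file endpoint accepts before relying on SHA-256 input.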

@kylemiller061 Thank you so much.