MS Defender for Endpoint
Integrate Microsoft Defender EDR with your product, along with other EDR & security vendors. Connect your product to all the applications your customers use via Leen's Unified API to close more deals, retain customers, and expand to new markets.
Description
Unified API for Microsoft Defender for Endpoint Detection and Response
Microsoft Defender for Endpoint is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.
Using Leen's Unified API for MS Defender EDR, you can:
- Extract detection and response data, including IOCs (Indicators of Compromise).
- Correlate endpoint activities with vulnerabilities for comprehensive security insights.
- Provide remediation lifecycle tracking to improve incident resolution efficiency.
Supported products
Supported fields
Leen model
Supported
vendor_id
title
description
assigned_user
severity
vendor_severity
status
vendor_status
first_event_time
last_event_time
resolved_time
pid
process_created_at
process_filename
process_command_line
process_sha1
process_sha256
parent_pid
user_name
windows_sid
active_directory_username
active_directory_domain
Supported Alert Fields
Leen model
Supported
Supported Compliance Findings
Leen model
Supported
Supported User Fields
Leen model
Supported
Supported Group Fields
Leen model
Supported
Supported Application Fields
Leen model
Supported
Supported User-App Association Fields
Leen model
Supported
Supported IDP Alert Fields
Leen model
Supported