Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an App
Windows Defender ATP app icon

Windows Defender ATP

This app integrates with Windows Defender Advanced Threat Protection(ATP) to execute various containment, corrective and investigative actions

Built by Splunk Inc.
soar product badge
Latest Version 3.2.0
September 17, 2021
Compatibility
Not Available
Platform Version: 5.5, 5.4, 5.3, 5.2, 5.1, 5.0, 4.10, 4.9
Rating

0

(0)

Log in to rate this app
Support
Windows Defender ATP support icon
Splunk Supported connector
Ranking

#2

in Endpoint
This app integrates with Windows Defender Advanced Threat Protection(ATP) to execute various containment, corrective and investigative actions

Supported Actions

  • test connectivity: Validate the asset configuration for connectivity using the supplied configuration
  • quarantine device: Quarantine the device
  • unquarantine device: Unquarantine the device
  • get status: Get status of the event on a machine
  • scan device: Scan a device for virus
  • quarantine file: Quarantine a file
  • list devices: List of recently seen devices
  • list alerts: List all alerts of a given type
  • list sessions: List all logged in users on a machine

Categories

Created By

Splunk Inc.

Source Code

Type

connector
0

Licensing

Splunk Answers

Resources

Login to report this app listing