Latest Version 3.2.0
September 17, 2021
Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Windows Defender ATP
This app integrates with Windows Defender Advanced Threat Protection(ATP) to execute various containment, corrective and investigative actions
Built by
Compatibility
Not Available
Platform Version: 5.5, 5.4, 5.3, 5.2, 5.1, 5.0, 4.10, 4.9
Rating
0
(0)
Log in to rate this app
Support
Splunk Supported connector
Ranking
#2
in Endpoint
This app integrates with Windows Defender Advanced Threat Protection(ATP) to execute various containment, corrective and investigative actions
Supported Actions
- test connectivity: Validate the asset configuration for connectivity using the supplied configuration
- quarantine device: Quarantine the device
- unquarantine device: Unquarantine the device
- get status: Get status of the event on a machine
- scan device: Scan a device for virus
- quarantine file: Quarantine a file
- list devices: List of recently seen devices
- list alerts: List all alerts of a given type
- list sessions: List all logged in users on a machine
Categories
Created By
Splunk Inc.
Source Code
GitHub(Opens new window)Type
connector
Licensing
Apache License 2.0(Opens new window)Splunk Answers
Ask a question about this app listing(Opens new window)Resources
Log in to report this app listing